Remote Code Execution Vulnerability in IBM Security Identity Manager
CVE-2016-0324

8.8HIGH

Key Information:

Vendor: IBM
Status: Security Identity Manager Virtual Appliance
Vendor: CVE Published:; 12 January 2018

What is CVE-2016-0324?

The vulnerability in IBM Security Identity Manager Virtual Appliance versions 7.0.0.0 to 7.0.1.0 can be exploited by remote authenticated users. This can lead to the execution of arbitrary code with administrator privileges through unspecified vectors, potentially compromising the integrity and security of the system. Organizations using affected versions should prioritize applying patches to safeguard against this security risk.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21981438

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/111640

vdb-entryx_refsource_XF

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 12, 2018
Vulnerability Reserved
Dec 8, 2015