Password Creation Vulnerability in IBM Security Identity Manager Virtual Appliance
CVE-2016-0330

7.3HIGH

Key Information:

Vendor: IBM
Status: Security Identity Manager Adapter
Vendor: CVE Published:; 15 July 2016

Summary

The IBM Security Identity Manager Virtual Appliance is susceptible to a vulnerability that improperly manages password creation mechanisms. This flaw enables remote attackers to exploit the password algorithm, potentially granting them unauthorized access to the system. Users are advised to update to versions that include fixes to safeguard against this security risk.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21985736

x_refsource_CONFIRM

http://www.securitytracker.com/id/1036255

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2016
Vulnerability Reserved
Dec 8, 2015