Brute Force Vulnerability in IBM Security Identity Manager Virtual Appliance
CVE-2016-0332
9.8CRITICAL
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 12 January 2018
Summary
IBM Security Identity Manager Virtual Appliance versions 7.0.0.0 through 7.0.1.0 prior to the 7.0.1-ISS-SIM-FP0001 update are susceptible to a brute force vulnerability. The system does not adequately restrict login attempts, allowing remote attackers to exploit this weakness and gain unauthorized access. This flaw highlights the importance of implementing robust security measures and controls to protect sensitive information from malicious efforts.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved