File Manipulation Vulnerability in IBM Integration Bus and WebSphere Message Broker
CVE-2016-0394

3.3LOW

Key Information:

Vendor: IBM Corporation
Status: Integration Bus
Vendor: CVE Published:; 1 February 2017

Summary

A vulnerability exists in IBM Integration Bus and WebSphere Message Broker due to incorrect permissions assigned to certain objects. This misconfiguration could potentially allow a local attacker to manipulate critical files, compromising the integrity of the system. Users are advised to review their security settings to mitigate any risks associated with this vulnerability.

Affected Version(s)

Integration Bus 9.0.0.0

Integration Bus 9.0

Integration Bus 10

References

http://www.ibm.com/support/docview.wss?uid=swg21985013

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94577

vdb-entryx_refsource_BID

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 1, 2017
Vulnerability Reserved
Dec 8, 2015