File Manipulation Vulnerability in IBM Integration Bus and WebSphere Message Broker
CVE-2016-0394

3.3LOW

Key Information:

Vendor

IBM Corporation
Status
Integration Bus
Vendor
CVE Published:
1 February 2017

What is CVE-2016-0394?

A vulnerability exists in IBM Integration Bus and WebSphere Message Broker due to incorrect permissions assigned to certain objects. This misconfiguration could potentially allow a local attacker to manipulate critical files, compromising the integrity of the system. Users are advised to review their security settings to mitigate any risks associated with this vulnerability.

Affected Version(s)

Integration Bus 9.0.0.0

Integration Bus 9.0

Integration Bus 10

References

http://www.ibm.com/support/docview.wss?uid=swg21985013
x_refsource_CONFIRM
http://www.securityfocus.com/bid/94577
vdb-entryx_refsource_BID

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.