Vulnerability in IBM BigFix Remote Control Affects User Password Security
CVE-2016-2929

8.1HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
25 November 2016

Summary

IBM BigFix Remote Control prior to version 9.1.3 contains a vulnerability that fails to properly restrict the choices for user passwords. This issue may allow remote attackers to effectively exploit the system by employing brute-force techniques to guess passwords, potentially leading to unauthorized access. Organizations using affected versions should consider updating to ensure strong password policies are enforced, thereby enhancing their overall security posture.

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.