Cross-Site Scripting Vulnerability in IBM BigFix Remote Control
CVE-2016-2934

6.1MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
30 November 2016

Summary

The vulnerability enables remote attackers to exploit IBM BigFix Remote Control versions prior to 9.1.3 by injecting arbitrary web scripts or HTML through unspecified vectors. This can potentially lead to unauthorized actions or the disclosure of sensitive information via a compromised web interface.

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.