Remote Access Vulnerability in IBM BigFix Remote Control Software
CVE-2016-2944
9.8 CRITICAL
Summary
IBM BigFix Remote Control software prior to version 9.1.3 has a weakness in its access control mechanisms: the application fails to adequately limit the number of failed login attempts. This design flaw allows remote attackers to mount brute-force attacks against the login, potentially leading to unauthorized access. Organizations using affected versions should take immediate steps to upgrade their software and implement additional security measures to protect against such attacks.
CVSS V3.1
Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved