Access Control Flaw in IBM Spectrum Control Allows Privilege Escalation
CVE-2016-5943
5.4MEDIUM
Summary
An access control vulnerability in IBM Spectrum Control (previously Tivoli Storage Productivity Center) versions prior to 5.2.11 enables remote authenticated users to bypass intended access restrictions. This flaw can allow them to access sensitive task details and modify properties through unspecified vectors, potentially leading to unauthorized actions and data exposure.
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved