SOAP Query Vulnerability in IBM Tivoli Monitoring
CVE-2016-6083

5.3MEDIUM

Key Information:

Vendor
IBM
Status
Tivoli Monitoring V6
Vendor
CVE Published:
27 June 2017

Summary

The IBM Tivoli Monitoring V6 contains a vulnerability that allows unauthenticated users to access SOAP queries, potentially exposing sensitive information. This issue can lead to unauthorized access and data breaches, emphasizing the need for proper authorization mechanisms to safeguard sensitive data from unauthorized users. Organizations using this product should ensure adequate security measures are implemented to mitigate the risks associated with this vulnerability. More information can be found in the references.

Affected Version(s)

Tivoli Monitoring V6 6.2.2

Tivoli Monitoring V6 6.2.3

Tivoli Monitoring V6 6.3.0

References

http://www.ibm.com/support/docview.wss?uid=swg22000909
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/117696
x_refsource_MISC
http://www.securityfocus.com/bid/99259
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.