Authentication Bypass Vulnerability in IBM Integration Bus
CVE-2016-8918
5.9MEDIUM
Summary
The observed vulnerability in IBM Integration Bus arises from its configuration settings, where improper adjustments can allow unauthorized remote users to authenticate without providing valid credentials. This presents a significant security risk, as it could enable potential attackers to gain access to sensitive system data or functionalities without proper authorization. Organizations using IBM Integration Bus should review their configuration settings to mitigate the risk associated with this vulnerability.
Affected Version(s)
Integration Bus 9.0.0.0
Integration Bus 9.0
Integration Bus 10
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved