Authentication Bypass Vulnerability in IBM Integration Bus
CVE-2016-8918

5.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
1 February 2017

Summary

The observed vulnerability in IBM Integration Bus arises from its configuration settings, where improper adjustments can allow unauthorized remote users to authenticate without providing valid credentials. This presents a significant security risk, as it could enable potential attackers to gain access to sensitive system data or functionalities without proper authorization. Organizations using IBM Integration Bus should review their configuration settings to mitigate the risk associated with this vulnerability.

Affected Version(s)

Integration Bus 9.0.0.0

Integration Bus 9.0

Integration Bus 10

References

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.