Vulnerability Details : CVE-2016-5979
IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. IBM X-Force ID: 116379.
Products affected by CVE-2016-5979
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:10.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:10.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:8.6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:distributed_marketing:9.1.2.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5979
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 28 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-5979
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
8.0
|
2.9
|
NIST | |
2.7
|
LOW | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L |
1.2
|
1.4
|
NIST |
CWE ids for CVE-2016-5979
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5979
-
http://www.ibm.com/support/docview.wss?uid=swg21999526
IBM Security Bulletin: Input validation vulnerability in IBM Distributed Marketing (CVE-2016-5979)Patch;Vendor Advisory
Jump to