Information disclosure in Ibm Websphere_extreme_scale
CVE-2016-2861
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the n…
Vulnerability class: Information Disclosure
EPSS: 0.011 (60.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 3.7 (Low). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N.
Affected products
- Ibm Websphere_extreme_scale — versions 7.1.0, 7.1.0.2, 7.1.1
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@us.ibm.com (vendor-advisory, x_refsource_AIXAPAR)
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (vendor-advisory, x_refsource_AIXAPAR)
Frequently asked questions
- What is CVE-2016-2861?
- CVE-2016-2861 is a low-severity vulnerability in Ibm Websphere_extreme_scale, classified under Information Disclosure. CVSS score: 3.7/10. Published 2016-07-02.
- How severe is CVE-2016-2861?
- Low severity. CVSS v3 base score is 3.7 out of 10.