IBM License Metric Tool v9 and IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system.
CVE(s): CVE-2016-8977
Affected product(s) and affected version(s):
IBM License Metric Tool v9
IBM BigFix Inventory v9
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2if2U1S
X-Force Database: http://ift.tt/2jeprjw
from IBM Product Security Incident Response Team http://ift.tt/2if7z3L
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.