Vulnerability Details CVE-2016-0380
IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.5%
CVSS Severity
CVSS v3 Score 3.3
CVSS v2 Score 2.1
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT14769
- http://www-01.ibm.com/support/docview.wss?uid=swg21988278
- http://www.securityfocus.com/bid/92336
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT14769
- http://www-01.ibm.com/support/docview.wss?uid=swg21988278
- http://www.securityfocus.com/bid/92336
Products affected by CVE-2016-0380
-
cpe:2.3:a:ibm:sterling_connect:direct