Vulnerability Details CVE-2016-2861
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 45.4%
CVSS Severity
CVSS v3 Score 3.7
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI60897
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI60898
- http://www-01.ibm.com/support/docview.wss?uid=swg21983036
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI60897
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI60898
- http://www-01.ibm.com/support/docview.wss?uid=swg21983036
Products affected by CVE-2016-2861
-
cpe:2.3:a:ibm:websphere_extreme_scale:7.1.0
-
cpe:2.3:a:ibm:websphere_extreme_scale:7.1.0.2
-
cpe:2.3:a:ibm:websphere_extreme_scale:7.1.1
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.5.0
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.5.0.1
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.5.0.2
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.0
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.1
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.2
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.3
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.4
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.5
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.6
-
cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.7