Vulnerability Details CVE-2016-2927
IBM BigFix Remote Control before 9.1.3 does not properly restrict the set of available encryption algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.6%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV89792
- http://www-01.ibm.com/support/docview.wss?uid=swg21991875
- http://www.securityfocus.com/bid/94561
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV89792
- http://www-01.ibm.com/support/docview.wss?uid=swg21991875
- http://www.securityfocus.com/bid/94561
Products affected by CVE-2016-2927
-
cpe:2.3:a:ibm:bigfix_remote_control:9.1.2