Vulnerability Details CVE-2016-2951
IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.7%
CVSS Severity
CVSS v3 Score 3.7
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV89785
- http://www-01.ibm.com/support/docview.wss?uid=swg21991885
- http://www.securityfocus.com/bid/94601
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV89785
- http://www-01.ibm.com/support/docview.wss?uid=swg21991885
- http://www.securityfocus.com/bid/94601
Products affected by CVE-2016-2951
-
cpe:2.3:a:ibm:bigfix_remote_control:9.1.2