Vulnerability Details CVE-2016-5967
The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local users to discover the WAS Admin password by reading IM native logs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.0%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI61540
- http://www-01.ibm.com/support/docview.wss?uid=swg21990215
- http://www.securityfocus.com/bid/93145
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI61540
- http://www-01.ibm.com/support/docview.wss?uid=swg21990215
- http://www.securityfocus.com/bid/93145
Products affected by CVE-2016-5967
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0.1
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0.2
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0.3
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0.4
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0.5
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0.6
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0.7
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0.8
-
cpe:2.3:a:ibm:rational_asset_analyzer:6.1.0.9