CVE-2016-0396

HIGH

IBM Tivoli Endpoint Manager - Privilege Escalation

Title source: llm

Description

IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected.

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/94155

Patch, Vendor Advisory x_refsource_confirm

http://www.ibm.com/support/docview.wss?uid=swg21993206

Scores

CVSS v3 8.1

EPSS 0.0053

EPSS Percentile 67.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-77

Status published

Products (8)

ibm/bigfix_platform 9.0

ibm/bigfix_platform 9.1

ibm/bigfix_platform 9.2

ibm/bigfix_platform 9.5

IBM Corporation/BigFix Platform 9.0

IBM Corporation/BigFix Platform 9.1

IBM Corporation/BigFix Platform 9.2

IBM Corporation/BigFix Platform 9.5

Published Feb 01, 2017

Tracked Since Feb 18, 2026