CVE-2016-2996
MEDIUMIBM Security Privileged Identity Manager - Improper Input Validation
Title source: ruleDescription
IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Virtual Appliance is used, allows remote authenticated users to append to arbitrary files via unspecified vectors.
Scores
CVSS v3
6.5
EPSS
0.0015
EPSS Percentile
35.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Classification
CWE
CWE-20
Status
published
Affected Products (4)
ibm/security_privileged_identity_manager
ibm/security_privileged_identity_manager
ibm/security_privileged_identity_manager
n/a/n/a
Timeline
Published
Nov 24, 2016
Tracked Since
Feb 18, 2026