CVE-2016-2996

MEDIUM

IBM Security Privileged Identity Manager 2.0 - Authenticated Arbitrary File Write

Title source: llm
STIX 2.1

Description

IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Virtual Appliance is used, allows remote authenticated users to append to arbitrary files via unspecified vectors.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21988706

Scores

CVSS v3 6.5
EPSS 0.0088
EPSS Percentile 54.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-20
Status published
Products (3)
ibm/security_privileged_identity_manager 2.0.0
ibm/security_privileged_identity_manager 2.0.1
ibm/security_privileged_identity_manager 2.0.2
Published Nov 24, 2016
Tracked Since Feb 18, 2026