CVE-2016-5933

MEDIUM

IBM Tivoli Monitoring <6.3 - SSRF

Title source: llm

Description

IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223.

References (1)

[Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=swg21997223

Scores

CVSS v3 4.6

EPSS 0.0021

EPSS Percentile 43.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Classification

CWE

CWE-254

Status published

Affected Products (50)

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

ibm/tivoli_monitoring

... and 35 more

Timeline

Published Mar 08, 2017

Tracked Since Feb 18, 2026