CVE-2016-5943

MEDIUM

IBM Spectrum Control <5.2.11 - Auth Bypass

Title source: llm
STIX 2.1

Description

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93084
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21988625
Vendor Advisory vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT16944

Scores

CVSS v3 5.4
EPSS 0.0086
EPSS Percentile 54.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-284
Status published
Products (16)
ibm/spectrum_control 5.2.0
ibm/spectrum_control 5.2.1
ibm/spectrum_control 5.2.1.1
ibm/spectrum_control 5.2.2
ibm/spectrum_control 5.2.3
ibm/spectrum_control 5.2.4
ibm/spectrum_control 5.2.4.1
ibm/spectrum_control 5.2.5
ibm/spectrum_control 5.2.5.1
ibm/spectrum_control 5.2.6
... and 6 more
Published Sep 26, 2016
Tracked Since Feb 18, 2026