CVE-2016-5943

MEDIUM

IBM Spectrum Control <5.2.11 - Auth Bypass

Title source: llm

Description

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors.

References (3)

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg1IT16944

[Patch, Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21988625

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/93084

Scores

CVSS v3 5.4

EPSS 0.0011

EPSS Percentile 29.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Classification

CWE

CWE-284

Status published

Affected Products (17)

ibm/spectrum_control

... and 2 more

Timeline

Published Sep 26, 2016

Tracked Since Feb 18, 2026