CVE-2016-5967

MEDIUM

IBM Rational Asset Analyzer <6.1.0 - Info Disclosure

Title source: llm

Description

The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local users to discover the WAS Admin password by reading IM native logs.

References (3)

Scores

CVSS v3 5.5
EPSS 0.0005
EPSS Percentile 15.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-532
Status published

Affected Products (11)

ibm/rational_asset_analyzer
ibm/rational_asset_analyzer
ibm/rational_asset_analyzer
ibm/rational_asset_analyzer
ibm/rational_asset_analyzer
ibm/rational_asset_analyzer
ibm/rational_asset_analyzer
ibm/rational_asset_analyzer
ibm/rational_asset_analyzer
ibm/rational_asset_analyzer
n/a/n/a

Timeline

Published Nov 25, 2016
Tracked Since Feb 18, 2026