CVE-2016-5979

LOW

IBM Distributed Marketing <10.0 - Privilege Escalation

Title source: llm
STIX 2.1

Description

IBM Distributed Marketing 8.6, 9.0, and 10.0 could allow a privileged authenticated user to create an instance that gets created with security profile not valid for the templates, that results in the new instance not accessible for the intended user. IBM X-Force ID: 116379.

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21999526

Scores

CVSS v3 2.7
EPSS 0.0024
EPSS Percentile 47.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

Details

CWE
CWE-264
Status published
Products (28)
ibm/distributed_marketing 8.6.0.0
ibm/distributed_marketing 8.6.0.2
ibm/distributed_marketing 8.6.0.3
ibm/distributed_marketing 8.6.0.4
ibm/distributed_marketing 8.6.0.5
ibm/distributed_marketing 8.6.0.6
ibm/distributed_marketing 8.6.0.7
ibm/distributed_marketing 8.6.0.8
ibm/distributed_marketing 8.6.0.9
ibm/distributed_marketing 8.6.0.10
... and 18 more
Published May 15, 2017
Tracked Since Feb 18, 2026