CVE-2016-9749

MEDIUM

IBM Campaign 9.1.0, 9.1.2, 10.0, 10.1 - Authenticated Security Bypass via Improper Input Validation

Title source: llm
STIX 2.1

Description

IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID: 120206.

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=ibm10738293
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/120206

Scores

CVSS v3 4.0
EPSS 0.0034
EPSS Percentile 26.3%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-20
Status published
Products (22)
ibm/campaign 9.1.0.0
ibm/campaign 9.1.0.1
ibm/campaign 9.1.0.2
ibm/campaign 9.1.0.3
ibm/campaign 9.1.0.4
ibm/campaign 9.1.0.5
ibm/campaign 9.1.0.6
ibm/campaign 9.1.0.7
ibm/campaign 9.1.0.8
ibm/campaign 9.1.0.9
... and 12 more
Published Nov 09, 2018
Tracked Since Feb 18, 2026