Description
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123861.
Scores
CVSS v3
9.8
EPSS
0.0026
EPSS Percentile
49.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-521
Status
published
Products (4)
IBM/BigFix Platform
9.2
IBM/BigFix Platform
9.5
ibm/bigfix_platform
9.2
ibm/bigfix_platform
9.5
Published
Nov 13, 2017
Tracked Since
Feb 18, 2026