CRITICAL🇬🇧 English

CVE-2017-1221

CVSS 9.8v3.0pub. 2017-11-13upd. 2026-05-13

IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123861.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • IBM Bigfix Platform

    APP
    Ibm
    9.29.5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-4013CRITICAL9.0ten sam produkt

IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server wi...

CVE-2018-1475CRITICAL9.8ten sam produkt

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker ...

CVE-2016-6082CRITICAL10.0ten sam produkt

IBM BigFix Platform could allow a remote attacker to execute arbitrary code on the system, caused by a use-aft...

CVE-2018-1600HIGH8.6ten sam produkt

IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication...

CVE-2018-1479HIGH8.8ten sam produkt

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to e...