CVE-2016-0394

Published: Feb 1, 2017Modified: May 13, 2026

3.3

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 1.8 / Impact: 1.4

Source: NVD

Description

IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain files.

Affected (10)

Products: Ibm: Integration Bus, Websphere Message Broker

Ibm

2 products

Integration Bus

Websphere Message Broker

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Ibm Integration Bus	Version 10.0
Ibm Integration Bus	Version 9.0.0.1
Ibm Integration Bus	Version 9.0.0.2
Ibm Integration Bus	Version 9.0
Ibm Websphere Message Broker	Version 8.0.0.1
Ibm Websphere Message Broker	Version 8.0.0.2
Ibm Websphere Message Broker	Version 8.0.0.3
Ibm Websphere Message Broker	Version 8.0.0.4
Ibm Websphere Message Broker	Version 8.0.0.5
Ibm Websphere Message Broker	Version 8.0

Related CWEs

CWE-275

References (4)

http://www.ibm.com/support/docview.wss?uid=swg21985013

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www.securityfocus.com/bid/94577

Source: psirt@us.ibm.com

Technical DescriptionVDB Entry

http://www.ibm.com/support/docview.wss?uid=swg21985013

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/94577

Source: af854a3a-2127-422b-91ae-364da2661108

Technical DescriptionVDB Entry

Timeline

No history available yet.