CVE-2016-2927

Published: Nov 25, 2016Modified: May 6, 2026

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

IBM BigFix Remote Control before 9.1.3 does not properly restrict the set of available encryption algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data.

Affected (1)

Products: Ibm: Bigfix Remote Control

1 product

Bigfix Remote Control

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Bigfix Remote Control	Up to 9.1.2

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

http://www-01.ibm.com/support/docview.wss?uid=swg1IV89792

Source: psirt@us.ibm.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21991875

Source: psirt@us.ibm.com

Vendor Advisory

http://www.securityfocus.com/bid/94561

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg1IV89792

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21991875

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/94561

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.