9.8

CVE-2017-1221

IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123861.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmBigfix Platform Version9.2
IbmBigfix Platform Version9.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.58% 0.723
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-521 Weak Password Requirements

The product does not require that users should have strong passwords.

http://www.ibm.com/support/docview.wss?uid=swg22010177
Vendor Advisory
Issue Tracking
http://www.securityfocus.com/bid/101683
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/123861
Vendor Advisory
VDB Entry
Issue Tracking