9.8
CVE-2017-1221
- EPSS 0.26%
- Veröffentlicht 13.11.2017 23:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123861.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Bigfix Platform Version9.2
Ibm ≫ Bigfix Platform Version9.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.493 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.