CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
65.3%
A missing HTTP header has been addressed in IBM 10x, which is shipped in IBM Standards Processing Engine and IBM Transformation Extender Advanced.
CVEID: CVE-2016-0341**
DESCRIPTION:** IBM 10x could allow a malicious user to obtain highly sensitive information due to missing configurations of HTTPS.
CVSS Base Score: 6.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111782 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
IBM Standards Processing Engine version 8.5.1.2 (common component 2.0.1.2) and IBM Transformation Extender Advanced versions 9.0 and 9.0.0.1.
Fixes posted to Fix Central.
Product | Version | Fix |
---|---|---|
IBM Standards Processing Engine version | 8.5.1.2 (common component 2.0.1.2) | https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Standards+Processing+Engine&release=8.5.1.2&platform=Windows&function=all |
IBM Transformation Extender Advanced | 9.0 and 9.0.0.1 | https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Standards+Processing+Engine&release=9.0.0.2&platform=All&function=all |
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | transformation_extender_advanced | 9.0.0.1 | cpe:2.3:a:ibm:transformation_extender_advanced:9.0.0.1:*:*:*:*:*:*:* |
ibm | transformation_extender_advanced | 9.0 | cpe:2.3:a:ibm:transformation_extender_advanced:9.0:*:*:*:*:*:*:* |
ibm | transformation_extender_advanced | 8.5.1.2 | cpe:2.3:a:ibm:transformation_extender_advanced:8.5.1.2:*:*:*:*:*:*:* |
ibm | transformation_extender_advanced | any | cpe:2.3:a:ibm:transformation_extender_advanced:any:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
65.3%