CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
55.7%
IBM TS3100/TS3200 Tape Library could allow an unauthenticated user, with access to the company network, to change a user’s password and gain remote access to the system.
CVEID:CVE-2016-9005__ __
DESCRIPTION:
IBM TS3100-TS3200 Tape Library could allow an unauthenticated user, with access to the company network, to change a user’s password and gain remote access to the system.
CVSS Base Score: 8.8
CVSS Temporal Score: See http://exchange.xforce.ibmcloud.com/vulnerabilities/119393 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Versions D.60 and lower
Upgrade to version E.20 or later.
After applying the fix, all passwords should either be confirmed or changed to ensure that they were not changed (and therefore accessible) by a third-party.
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | ts3200_tape_library | any | cpe:2.3:h:ibm:ts3200_tape_library:any:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
55.7%