IBMFFCFF67B75AE4034C6034CAEA6E881FB5E38582FEDB1995884718E69AF1DC84FSecurity Bulletin: IBM InfoSphere Information Server is vulnerable to information disclosure (CVE-2016-5994)
EPSS
Percentile
30.8%
Summary
IBM InfoSphere Information Server contains a vulnerability that would allow an authenticated user to browse any file on the engine tier, and examine its contents.
Vulnerability Details
CVEID: CVE-2016-5994 DESCRIPTION: IBM InfoSphere Information Server contains a vulnerability that would allow an authenticated user to browse any file on the engine tier, and examine its contents.
CVSS Base Score: 6.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116652 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
Affected Products and Versions
The following product, running on all supported platforms, are affected:
IBM InfoSphere Information Server: versions 11.5
Remediation/Fixes
Product
| VRMF|APAR|Remediation/First Fix
—|—|—|—
InfoSphere Information Server| 11.5| --| --Use TechNote to follow configuration steps
Workarounds and Mitigations
See TechNote
Related
EPSS
Percentile
30.8%