CVE-2016-6112 — HIGH (8.8) — White Hats Nepal

Vulnerability Description

IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282.

CVSS Score

8.8

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Ibm	Marketing Platform	8.6.0.0
Ibm	Marketing Operations	8.6.0.0
Ibm	Distributed Marketing	8.6.0.0

Related Weaknesses (CWE)

CWE-264

References

http://www.ibm.com/support/docview.wss?uid=swg21992739Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21992739Vendor Advisory

FAQ

What is CVE-2016-6112?

CVE-2016-6112 is a vulnerability with a CVSS score of 8.8 (HIGH). IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IB...

How severe is CVE-2016-6112?

CVE-2016-6112 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-6112?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Marketing Platform, Ibm Marketing Operations, Ibm Distributed Marketing.