Vulnerabilites related to IBM Corporation - Tivoli Components
cve-2016-5935
Vulnerability from cvelistv5
Published
2017-02-02 22:00
Modified
2024-08-06 01:15
Severity ?
EPSS score ?
Summary
IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96003 | vdb-entry, x_refsource_BID | |
| http://www.ibm.com/support/docview.wss?uid=swg21997711 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Tivoli Components |
Version: 1.1 Version: 1.1.0.1 Version: 1.1.0.2 Version: 1.1.0.3 Version: 2.1 Version: 2.2 Version: 1.1.1 Version: 1.1.2 Version: 1.1.2.1 Version: 2.1.1.0 Version: 2.1.1.2 Version: 1.1.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96003",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997711"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tivoli Components",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "1.1.0.1"
},
{
"status": "affected",
"version": "1.1.0.2"
},
{
"status": "affected",
"version": "1.1.0.3"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1.1"
},
{
"status": "affected",
"version": "1.1.2"
},
{
"status": "affected",
"version": "1.1.2.1"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.2"
},
{
"status": "affected",
"version": "1.1.3"
}
]
}
],
"datePublic": "2017-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-06T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96003",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997711"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5935",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tivoli Components",
"version": {
"version_data": [
{
"version_value": "1.1"
},
{
"version_value": "1.1.0.1"
},
{
"version_value": "1.1.0.2"
},
{
"version_value": "1.1.0.3"
},
{
"version_value": "2.1"
},
{
"version_value": "2.2"
},
{
"version_value": "1.1.1"
},
{
"version_value": "1.1.2"
},
{
"version_value": "1.1.2.1"
},
{
"version_value": "2.1.1.0"
},
{
"version_value": "2.1.1.2"
},
{
"version_value": "1.1.3"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96003",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96003"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21997711",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21997711"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-5935",
"datePublished": "2017-02-02T22:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:15:10.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}