Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2016-9693

UNKNOWN
Published 2017-03-07T17:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2016-9693. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Ultimately, an attacker can cause an unauthenticated victim to download a malicious payload. An existing file type restriction can be bypassed so that the payload might be considered executable and cause damage on the victim's machine. IBM Reference #: 1998655.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

IBM Corporation

Business Process Manager Advanced

Affected Versions:

7.5 7.5.0.1 7.5.1 7.5.1.1 7.5.1.2 8.0 8.0.1 8.0.1.1 8.0.1.2 8.5 8.5.0.1 8.5.5 8.0.1.3 8.5.6 8.5.0.2 8.5.7 8.5.7.CF201609 8.5.6.1 8.5.6.2 8.5.7.CF201606 8.5.7.CF201612

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-vp3c-hw54-76fg

Advisory Details

IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Ultimately, an attacker can cause an unauthenticated victim to download a malicious payload. An existing file type restriction can be bypassed so that the payload might be considered executable and cause damage on the victim's machine. IBM Reference #: 1998655.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2016-9693
WEB https://www.ibm.com/support/docview.wss?uid=swg21998655
WEB http://www.securityfocus.com/bid/98074

Advisory provided by GitHub Security Advisory Database. Published: May 17, 2022, Modified: May 17, 2022

References

http://www.securityfocus.com/bid/98074
https://www.ibm.com/support/docview.wss?uid=swg21998655
Published: 2017-03-07T17:00:00
Last Modified: 2024-08-06T02:59:03.295Z
Copied to clipboard!