CVE-2016-6112
moderate-risk
Published 2017-05-22
IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282.
Do I need to act?
-
0.35% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
NETWORK
/ LOW complexity
Affected Products (13)
Marketing Platform
Marketing Platform
Marketing Platform
Marketing Operations
Distributed Marketing
Marketing Platform
Marketing Platform
Marketing Operations
Marketing Operations
Marketing Operations
Distributed Marketing
Distributed Marketing
Distributed Marketing
Affected Vendors
References (2)
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21992739
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21992739
48
/ 100
moderate-risk
Severity
30/34 · Critical
Exploitability
1/34 · Minimal
Exposure
17/34 · Moderate