NVD

Id
18932  
Name
CVE-2016-3025  
Description
IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Security Access Manager 9.x before 9.0.1.0 IF5 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2016-11-24  
Modified Date
2016-11-28  
Seq
2016-3025  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
104898 18932 CVE-2016-3025 IV89240  View
104899 18932 CVE-2016-3025 IV89258  View
104900 18932 CVE-2016-3025 http://www-01.ibm.com/support/docview.wss?uid=swg21991107  View
104901 18932 CVE-2016-3025 93178  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
5182 JVNDB-2016-005955 IBM Security Access Manager for Mobile および Security Access Manager におけるアクセス権を取得される脆弱性 IBM Security Access Manager for Mobile および Security Access Manager は、ログイン試行の失敗を適切に制限しないため、アクセス権を取得される脆弱性が存在します。 CVE-2016-3025 89531 CVE-2016-3025 18932 5 8.1 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005955.html 2016-09-21 2016-11-28 View