NVD

Id
21021  
Name
CVE-2016-5997  
Description
The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108_9.0.1A FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224_9.0.2A FP3 does not apply password-quality rules to password changes, which makes it easier for remote attackers to obtain access via a brute-force attack.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2016-09-26  
Modified Date
2016-11-28  
Seq
2016-5997  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
114433 21021 CVE-2016-5997 http://www-01.ibm.com/support/docview.wss?uid=swg21990216  View
114434 21021 CVE-2016-5997 93144  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
4253 JVNDB-2016-005026 IBM Tealeaf Customer Experience の Web ポータルにおけるアクセス権を取得される脆弱性 IBM Tealeaf Customer Experience の Web ポータルは、パスワードの変更にパスワード・クオリティールールを適用しないため、アクセス権を取得される脆弱性が存在します。 CVE-2016-5997 92504 CVE-2016-5997 21021 4 6.5 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005026.html 2016-09-14 2016-10-04 View