Description
IBM Security Privileged Identity Manager Virtual Appliance could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| IBM Corporation | Privileged Identity Manager | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2016-6900 | IBM Security Privileged Identity Manager Virtual Appliance could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2024-08-06T01:15:10.889Z
Reserved: 2016-06-29T00:00:00.000Z
Link: CVE-2016-5966
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2017-02-01T20:59:01.410
Modified: 2025-04-20T01:37:25.860
Link: CVE-2016-5966
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses