CVE-2016-2952

IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP.
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:bigfix_remote_control:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-11-30 11:59

Updated : 2024-02-04 19:11


NVD link : CVE-2016-2952

Mitre link : CVE-2016-2952

CVE.ORG link : CVE-2016-2952


JSON object : View

Products Affected

ibm

  • bigfix_remote_control
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor