CVE-2016-3016
First published: Wed Feb 01 2017(Updated: )
IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, which could allow an authenticated attacker to load malicious code.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Security Access Manager 9.0 | =9.0.0 | |
| IBM Security Access Manager 9.0 | =9.0.0.1 | |
| IBM Security Access Manager 9.0 | =9.0.1.0 | |
| IBM Security Access Manager for Mobile | =8.0.0.1 | |
| IBM Security Access Manager for Mobile | =8.0.0.2 | |
| IBM Security Access Manager for Mobile | =8.0.0.3 | |
| IBM Security Access Manager for Mobile | =8.0.0.5 | |
| IBM Security Access Manager for Mobile | =8.0.1.0 | |
| IBM Security Access Manager for Mobile | =8.0.1.2 | |
| IBM Security Access Manager for Mobile | =8.0.1.3 | |
| IBM Security Access Manager for Mobile | =8.0.1.4 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.1 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.2 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.3 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.4 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.5 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.6 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.7 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.8 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.9 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.10 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.11 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.12 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.13 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.14 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.15 | |
| IBM Security Access Manager for Web 7.0 Firmware | =7.0.0.16 | |
| IBM Security Access Manager for Web 8.0 firmware | =8.0.0.1 | |
| IBM Security Access Manager for Web 8.0 firmware | =8.0.0.2 | |
| IBM Security Access Manager for Web 8.0 firmware | =8.0.0.3 | |
| IBM Security Access Manager for Web 8.0 firmware | =8.0.0.5 | |
| IBM Security Access Manager for Web 8.0 firmware | =8.0.1.0 | |
| IBM Security Access Manager for Web 8.0 firmware | =8.0.1.2 | |
| IBM Security Access Manager for Web 8.0 firmware | =8.0.1.3 | |
| IBM Security Access Manager for Web 8.0 firmware | =8.0.1.4 | |
| IBM Security Access Manager for Mobile Appliance | =8.0 | |
| IBM Security Access Manager for Web appliance | =7.0 | |
| IBM Security Access Manager for Web appliance | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-3016?
CVE-2016-3016 has a high severity rating due to the potential for authenticated attackers to load malicious code.
How do I fix CVE-2016-3016?
To fix CVE-2016-3016, apply the latest patches and updates provided by IBM for the affected versions of IBM Security Access Manager.
Who is affected by CVE-2016-3016?
CVE-2016-3016 affects users of IBM Security Access Manager for Web and Mobile systems, specifically certain versions of the firmware.
Can CVE-2016-3016 be exploited remotely?
CVE-2016-3016 requires authentication, so it cannot be exploited remotely without valid credentials.
What versions of IBM Security Access Manager are impacted by CVE-2016-3016?
CVE-2016-3016 impacts various versions of IBM Security Access Manager for Web and Mobile, primarily versions 7.0 to 8.0.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/weakness
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm security access manager 9.0
- version/ibm security access manager 9.0/9.0.0
- version/ibm security access manager 9.0/9.0.0.1
- version/ibm security access manager 9.0/9.0.1.0
- canonical/ibm security access manager for mobile
- version/ibm security access manager for mobile/8.0.0.1
- version/ibm security access manager for mobile/8.0.0.2
- version/ibm security access manager for mobile/8.0.0.3
- version/ibm security access manager for mobile/8.0.0.5
- version/ibm security access manager for mobile/8.0.1.0
- version/ibm security access manager for mobile/8.0.1.2
- version/ibm security access manager for mobile/8.0.1.3
- version/ibm security access manager for mobile/8.0.1.4
- canonical/ibm security access manager for web 7.0 firmware
- version/ibm security access manager for web 7.0 firmware/7.0.0.1
- version/ibm security access manager for web 7.0 firmware/7.0.0.2
- version/ibm security access manager for web 7.0 firmware/7.0.0.3
- version/ibm security access manager for web 7.0 firmware/7.0.0.4
- version/ibm security access manager for web 7.0 firmware/7.0.0.5
- version/ibm security access manager for web 7.0 firmware/7.0.0.6
- version/ibm security access manager for web 7.0 firmware/7.0.0.7
- version/ibm security access manager for web 7.0 firmware/7.0.0.8
- version/ibm security access manager for web 7.0 firmware/7.0.0.9
- version/ibm security access manager for web 7.0 firmware/7.0.0.10
- version/ibm security access manager for web 7.0 firmware/7.0.0.11
- version/ibm security access manager for web 7.0 firmware/7.0.0.12
- version/ibm security access manager for web 7.0 firmware/7.0.0.13
- version/ibm security access manager for web 7.0 firmware/7.0.0.14
- version/ibm security access manager for web 7.0 firmware/7.0.0.15
- version/ibm security access manager for web 7.0 firmware/7.0.0.16
- canonical/ibm security access manager for web 8.0 firmware
- version/ibm security access manager for web 8.0 firmware/8.0.0.1
- version/ibm security access manager for web 8.0 firmware/8.0.0.2
- version/ibm security access manager for web 8.0 firmware/8.0.0.3
- version/ibm security access manager for web 8.0 firmware/8.0.0.5
- version/ibm security access manager for web 8.0 firmware/8.0.1.0
- version/ibm security access manager for web 8.0 firmware/8.0.1.2
- version/ibm security access manager for web 8.0 firmware/8.0.1.3
- version/ibm security access manager for web 8.0 firmware/8.0.1.4
- canonical/ibm security access manager for mobile appliance
- version/ibm security access manager for mobile appliance/8.0
- canonical/ibm security access manager for web appliance
- version/ibm security access manager for web appliance/7.0
- version/ibm security access manager for web appliance/8.0