CVE-2016-3024 - Vulnerability Details

Vendors	Products
Ibm	Security Access Manager 9.0 Firmware Security Access Manager For Mobile 8.0 Firmware Security Access Manager For Mobile Appliance Security Access Manager For Web 8.0 Firmware Security Access Manager For Web Appliance

Link	Providers
http://www.ibm.com/support/docview.wss?uid=swg21995340
http://www.securityfocus.com/bid/96132

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Access Manager", "vendor": "IBM Corporation", "versions": [{"status": "affected", "version": "9.0"}, {"status": "affected", "version": "9.0.0.1"}, {"status": "affected", "version": "9.0.1"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "8.0.0"}, {"status": "affected", "version": "8.0.0.1"}, {"status": "affected", "version": "8.0.0.2"}, {"status": "affected", "version": "8.0.0.3"}, {"status": "affected", "version": "8.0.0.4"}, {"status": "affected", "version": "8.0.0.5"}, {"status": "affected", "version": "8.0.1"}, {"status": "affected", "version": "8.0.1.2"}, {"status": "affected", "version": "8.0.1.3"}, {"status": "affected", "version": "8.0.1.4"}, {"status": "affected", "version": "9.0.0"}, {"status": "affected", "version": "9.0.1.0"}]}], "datePublic": "2017-02-01T00:00:00", "descriptions": [{"lang": "en", "value": "IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system."}], "problemTypes": [{"descriptions": [{"description": "Obtain Information", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-02-09T10:57:02", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"}, {"name": "96132", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96132"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2016-3024", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Access Manager", "version": {"version_data": [{"version_value": "9.0"}, {"version_value": "9.0.0.1"}, {"version_value": "9.0.1"}, {"version_value": "7.0.0"}, {"version_value": "8.0.0"}, {"version_value": "8.0.0.1"}, {"version_value": "8.0.0.2"}, {"version_value": "8.0.0.3"}, {"version_value": "8.0.0.4"}, {"version_value": "8.0.0.5"}, {"version_value": "8.0.1"}, {"version_value": "8.0.1.2"}, {"version_value": "8.0.1.3"}, {"version_value": "8.0.1.4"}, {"version_value": "9.0.0"}, {"version_value": "9.0.1.0"}]}}]}, "vendor_name": "IBM Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Obtain Information"}]}]}, "references": {"reference_data": [{"name": "http://www.ibm.com/support/docview.wss?uid=swg21995340", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"}, {"name": "96132", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96132"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:40:15.154Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"}, {"name": "96132", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/96132"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2016-3024", "datePublished": "2017-02-01T20:00:00", "dateReserved": "2016-03-09T00:00:00", "dateUpdated": "2024-08-05T23:40:15.154Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Access Manager (string)

vendor : IBM Corporation (string)

versions : [ »

0 : { »

status : affected (string)

version : 9.0 (string)

}

1 : { »

status : affected (string)

version : 9.0.0.1 (string)

}

2 : { »

status : affected (string)

version : 9.0.1 (string)

}

3 : { »

status : affected (string)

version : 7.0.0 (string)

}

4 : { »

status : affected (string)

version : 8.0.0 (string)

}

5 : { »

status : affected (string)

version : 8.0.0.1 (string)

}

6 : { »

status : affected (string)

version : 8.0.0.2 (string)

}

7 : { »

status : affected (string)

version : 8.0.0.3 (string)

}

8 : { »

status : affected (string)

version : 8.0.0.4 (string)

}

9 : { »

status : affected (string)

version : 8.0.0.5 (string)

}

10 : { »

status : affected (string)

version : 8.0.1 (string)

}

11 : { »

status : affected (string)

version : 8.0.1.2 (string)

}

12 : { »

status : affected (string)

version : 8.0.1.3 (string)

}

13 : { »

status : affected (string)

version : 8.0.1.4 (string)

}

14 : { »

status : affected (string)

version : 9.0.0 (string)

}

15 : { »

status : affected (string)

version : 9.0.1.0 (string)

}

]

}

]

datePublic : 2017-02-01T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Obtain Information (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-02-09T10:57:02 (string)

orgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

shortName : ibm (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.ibm.com/support/docview.wss?uid=swg21995340 (string)

}

1 : { »

name : 96132 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/96132 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@us.ibm.com (string)

ID : CVE-2016-3024 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Access Manager (string)

version : { »

version_data : [ »

0 : { »

version_value : 9.0 (string)

}

1 : { »

version_value : 9.0.0.1 (string)

}

2 : { »

version_value : 9.0.1 (string)

}

3 : { »

version_value : 7.0.0 (string)

}

4 : { »

version_value : 8.0.0 (string)

}

5 : { »

version_value : 8.0.0.1 (string)

}

6 : { »

version_value : 8.0.0.2 (string)

}

7 : { »

version_value : 8.0.0.3 (string)

}

8 : { »

version_value : 8.0.0.4 (string)

}

9 : { »

version_value : 8.0.0.5 (string)

}

10 : { »

version_value : 8.0.1 (string)

}

11 : { »

version_value : 8.0.1.2 (string)

}

12 : { »

version_value : 8.0.1.3 (string)

}

13 : { »

version_value : 8.0.1.4 (string)

}

14 : { »

version_value : 9.0.0 (string)

}

15 : { »

version_value : 9.0.1.0 (string)

}

]

}

]

}

vendor_name : IBM Corporation (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Obtain Information (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://www.ibm.com/support/docview.wss?uid=swg21995340 (string)

refsource : CONFIRM (string)

url : http://www.ibm.com/support/docview.wss?uid=swg21995340 (string)

}

1 : { »

name : 96132 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/96132 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T23:40:15.154Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.ibm.com/support/docview.wss?uid=swg21995340 (string)

}

1 : { »

name : 96132 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/96132 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 9a959283-ebb5-44b6-b705-dcc2bbced522 (string)

assignerShortName : ibm (string)

cveId : CVE-2016-3024 (string)

datePublished : 2017-02-01T20:00:00 (string)

dateReserved : 2016-03-09T00:00:00 (string)

dateUpdated : 2024-08-05T23:40:15.154Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B5B6BD9-C0DF-4359-A6C1-F66E24912800", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "847598BF-977A-4592-A6A1-2C7F04F29FDC", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA4B8E11-83D3-4B38-90B6-4C0F536D06B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "250AF7A4-8DDF-427C-8BF7-788667908D77", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "76136DDE-1530-482B-9E32-3EA2496FDFCA", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CBEA0D7-FBD0-4C7D-AB8F-73018359996A", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7CCECD9C-D506-4AEA-AE59-49A81E2D7020", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "FCB6511D-5B6C-4BBB-8DEF-C37026398D6C", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4B0D27CF-70BF-4C72-A963-310272D8EBF7", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "73E4F0CD-26DF-4975-8F40-ECB8E03A08C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FFE6F2A0-BD38-4853-A8FB-299A341FA0B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB", "vulnerable": true}, {"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1C6294A-7243-499D-8371-F000BEB7CF2F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3", "vulnerable": false}, {"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system."}, {"lang": "es", "value": "IBM Security Access Manager para Web permite que las p\u00e1ginas web se almacenen localmente y que puedan ser le\u00eddas por otro usuario del sistema."}], "id": "CVE-2016-3024", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-02-01T20:59:00.613", "references": [{"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"}, {"source": "psirt@us.ibm.com", "url": "http://www.securityfocus.com/bid/96132"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21995340"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/96132"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 6B5B6BD9-C0DF-4359-A6C1-F66E24912800 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 847598BF-977A-4592-A6A1-2C7F04F29FDC (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : EA4B8E11-83D3-4B38-90B6-4C0F536D06B6 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 250AF7A4-8DDF-427C-8BF7-788667908D77 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 76136DDE-1530-482B-9E32-3EA2496FDFCA (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 8CBEA0D7-FBD0-4C7D-AB8F-73018359996A (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CCECD9C-D506-4AEA-AE59-49A81E2D7020 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:* (string)

matchCriteriaId : FCB6511D-5B6C-4BBB-8DEF-C37026398D6C (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 4B0D27CF-70BF-4C72-A963-310272D8EBF7 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 97E19969-DD73-42F2-9E91-504E1663B268 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:* (string)

matchCriteriaId : F9CC2E05-5179-4241-A710-E582510EEB0D (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:* (string)

matchCriteriaId : BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 73E4F0CD-26DF-4975-8F40-ECB8E03A08C2 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : FFE6F2A0-BD38-4853-A8FB-299A341FA0B6 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:* (string)

matchCriteriaId : D1C6294A-7243-499D-8371-F000BEB7CF2F (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 506C4B29-BC71-4C56-BAB1-06E63BEB1DD3 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 1C5EBB4D-36F8-453C-9D2C-A63490144596 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system. (string)

}

1 : { »

lang : es (string)

value : IBM Security Access Manager para Web permite que las páginas web se almacenen localmente y que puedan ser leídas por otro usuario del sistema. (string)

}

]

id : CVE-2016-3024 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 2.1 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:L/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 4 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (string)

version : 3.0 (string)

}

exploitabilityScore : 2.5 (number)

impactScore : 1.4 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-02-01T20:59:00.613 (string)

references : [ »

0 : { »

source : psirt@us.ibm.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=swg21995340 (string)

}

1 : { »

source : psirt@us.ibm.com (string)

url : http://www.securityfocus.com/bid/96132 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.ibm.com/support/docview.wss?uid=swg21995340 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/96132 (string)

}

]

sourceIdentifier : psirt@us.ibm.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-200 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object