Test ID:	1.3.6.1.4.1.25623.1.0.106415
Category:	Web application abuses
Title:	IBM BigFix Remote Control < 9.1.3 Multiple Vulnerabilities
Summary:	IBM BigFix Remote Control is prone to multiple vulnerabilities.
Description:	Summary: IBM BigFix Remote Control is prone to multiple vulnerabilities. Vulnerability Insight: IBM BigFix Remote Control is prone to multiple vulnerabilities: - CVE-2016-2927: IBM BigFix Remote Control could allow a remote attacker to obtain sensitive information through man in the middle techniques due to using out of date encryption algorithms. - CVE-2016-2928: IBM BigFix Report Control could allow an authenticated attacker to obtain sensitive information from error logs. - CVE-2016-2929: IBM BigFix Remote Control uses a weak default password policy that could allow an attacker to easily guess user passwords. Vulnerability Impact: A remote attacker may obtain sensitive information or could easily guess user passwords. Affected Software/OS: IBM BigFix Remote Control version 9.1.2 and prior. Solution: Update to version 9.1.3 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2927 AIX APAR: IV89792 http://www-01.ibm.com/support/docview.wss?uid=swg1IV89792 BugTraq ID: 94561 http://www.securityfocus.com/bid/94561 Common Vulnerability Exposure (CVE) ID: CVE-2016-2928 AIX APAR: IV89748 http://www-01.ibm.com/support/docview.wss?uid=swg1IV89748 BugTraq ID: 94556 http://www.securityfocus.com/bid/94556 Common Vulnerability Exposure (CVE) ID: CVE-2016-2929 AIX APAR: IV89789 http://www-01.ibm.com/support/docview.wss?uid=swg1IV89789 BugTraq ID: 94560 http://www.securityfocus.com/bid/94560
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.