CVE-2016-8954
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2016-8954
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM dashDB Local 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM dashDB Local是美国IBM公司的一套在私有云、虚拟私有云和其他容器支持的基础架构中使用的下一代数据仓库存储和分析解决方案。该方案具有灵活的容器交付、混合环境存储数据、基于Spark内存计算、数据分析等特点。 IBM dashDB Local 1.0.0版本至1.3.1版本中存在安全漏洞,该漏洞源于程序使用硬编码证书。远程攻击者可利用该漏洞获取Docker容器或数据库的访问权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| IBM Corporation | DashDB Local | 1.0.0 | - |
II. Public POCs for CVE-2016-8954
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2016-8954
请登录查看更多情报信息。
- http://www.ibm.com/support/docview.wss?uid=swg21994471x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2016-8954
Same Patch Batch · IBM Corporation · 2017-02-08 · 25 CVEs total
| CVE-2016-0310 | IBM Connections 主机头注入漏洞 | |
| CVE-2017-1128 | IBM Rational Requirements Composer和Rational DOORS Next Generation 跨站脚本漏洞 | |
| CVE-2017-1127 | IBM Rational Requirements Composer和Rational DOORS Next Generation 跨站脚本漏洞 | |
| CVE-2016-9748 | IBM Rational DOORS Next Generation和Rational Requirements Composer 信息泄露漏洞 | |
| CVE-2016-6032 | IBM Rational Team Concert 跨站脚本漏洞 | |
| CVE-2016-2866 | IBM Jazz Team Server 安全漏洞 | |
| CVE-2015-5013 | IBM Security Access Manager 信息泄露漏洞 | |
| CVE-2016-9005 | IBM TS3100和TS3200 Tape库安全漏洞 | |
| CVE-2016-5934 | IBM Tivoli Storage Manager 本地任意代码执行漏洞 | |
| CVE-2016-5918 | IBM Tivoli Storage Manager HSM for Windows 本地信息泄露漏洞 | |
| CVE-2016-5902 | IBM Maximo Asset Management 跨站脚本漏洞 | |
| CVE-2016-5900 | IBM Tealeaf Customer Experience on Cloud Network Capture Add-On 安全漏洞 | |
| CVE-2015-1976 | IBM Tivoli Directory Server和Security Directory Server 安全漏洞 | |
| CVE-2016-0308 | IBM Connections 安全绕过漏洞 | |
| CVE-2016-0307 | IBM Connections 远程信息泄露漏洞 | |
| CVE-2016-0305 | IBM Connections 跨站脚本漏洞 | |
| CVE-2016-0214 | IBM BigFix Platform 任意文件上传漏洞 | |
| CVE-2016-0210 | IBM Sterling B2B Integrator 信息泄露漏洞 | |
| CVE-2016-0206 | IBM Cloud Orchestrator 安全漏洞 | |
| CVE-2016-0203 | IBM Cloud Orchestrator和IBM SmartCloud Orchestrator 信息泄露漏洞 |
Showing top 20 of 25 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2016-8954
No comments yet