IBM Support

IV89736: SECURITY APAR CVE-2016-2943 INFORMATION DISCLOSURE IN IBM BIGFIX REMOTE CONTROL

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • IBM BigFix Remote Control could disclose some sensitive
    information stored in a log file, a user with higher than normal
    privileges could obtain. IBM BigFix Remote Control has
    remediated this vulnerability.
    
    CVE ID: CVE-2016-2943
    

Local fix

  • not available
    

Problem summary

Problem conclusion

  • This fix is included in the IBM BigFix Remote Control 9.1.3
    application update.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV89736

  • Reported component name

    TIV EP MGR REM

  • Reported component ID

    5725C43RC

  • Reported release

    910

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-10-07

  • Closed date

    2016-10-11

  • Last modified date

    2016-10-11

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TIV EP MGR REM

  • Fixed component ID

    5725C43RC

Applicable component levels

  • R910 PSN

       UP

[{"Business Unit":{"code":null,"label":null},"Product":{"code":"SSBQVS","label":"Tivoli Endpoint Manager"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"910","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
11 October 2016