IBM Support

IV89791: SECURITY APAR CVE-2016-2931 CLEAR TEXT TRANSMISSION OF INFORMATION IN IBM BIGFIX REMOTE CONTROL

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

APAR status

  • Closed as program error.

Error description

  • IBM Tivoli Remote Control could allow an authenticated user to
    obtain potentially sensitive information due to the transmission
    of data in cleartext. IBM BigFix Remote Control has remediated
    this vulnerability.
    
    CVE ID: CVE-2016-2931
    

Local fix

  • not available
    

Problem summary

Problem conclusion

  • This fix is included in the IBM BigFix Remote Control 9.1.3
    application update.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV89791

  • Reported component name

    TIV EP MGR REM

  • Reported component ID

    5725C43RC

  • Reported release

    910

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-10-07

  • Closed date

    2016-10-11

  • Last modified date

    2016-10-11

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TIV EP MGR REM

  • Fixed component ID

    5725C43RC

Applicable component levels

  • R910 PSN

       UP



Document information

More support for: IBM BigFix family

Software version: 910

Reference #: IV89791

Modified date: 11 October 2016