CVE-2016-0297

Description

IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote attacker to obtain sensitive information due to a missing HTTP Strict-Transport-Security Header through man in the middle techniques.

Affected products

• IBM Corporation / BigFix Platform9.0 – 9.0
• IBM Corporation / BigFix Platform9.1 – 9.1
• IBM Corporation / BigFix Platform9.2 – 9.2
• IBM Corporation / BigFix Platform9.5 – 9.5

References

• MISChttp://www.securityfocus.com/bid/94188
• MISChttp://www.ibm.com/support/docview.wss?uid=swg21993214