PatchSiren

CVE-2016-0394 IBM CVE debrief

CVE-2016-0394 is a low-severity local vulnerability in IBM Integration Bus and WebSphere Message Broker. NVD describes it as incorrect permissions on an object that could let a local attacker manipulate certain files. Because the attack requires local access and the impact is limited to integrity, it is best treated as a patch-cycle issue rather than an emergency response.

Vendor: IBM
Product: CVE-2016-0394
CVSS: LOW 3.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-01
Original CVE updated: 2026-05-13
Advisory published: 2017-02-01
Advisory updated: 2026-05-13

Who should care

Administrators and security teams responsible for IBM Integration Bus 9.0/10.0 and WebSphere Message Broker 8.0 deployments, especially systems where multiple users have local access or where service accounts and shared hosts are in use.

Technical summary

NVD maps this issue to CWE-275 (improper permission assignment). The CVSS 3.0 vector is AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N, reflecting a local attack that needs low privileges and no user interaction, with integrity impact only. NVD lists affected IBM CPEs for Integration Bus 9.0 and 10.0, and WebSphere Message Broker 8.0 through 8.0.0.5. IBM’s advisory is referenced by NVD as the primary vendor guidance for remediation.

Defensive priority

Low, but should be remediated in the normal patch cycle because it can allow local file manipulation on affected IBM middleware installations.

Recommended defensive actions

  • Review IBM’s vendor advisory and apply the recommended fix or update for the affected product line.
  • Confirm whether any installations match the affected IBM Integration Bus or WebSphere Message Broker versions listed by NVD.
  • Audit local account access on affected systems and remove unnecessary privileges where possible.
  • Check file and directory permissions around the impacted object(s) and align them with IBM’s guidance.
  • Include the affected hosts in routine integrity monitoring and verify that permissions remain corrected after maintenance or upgrades.

Evidence notes

Source corpus evidence: NVD entry for CVE-2016-0394 marks the vulnerability status as Modified and lists IBM Integration Bus 9.0/10.0 and WebSphere Message Broker 8.0.x as vulnerable CPEs. NVD also records the CVSS 3.0 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N and CWE-275. IBM’s support advisory (swg21985013) and a SecurityFocus BID 94577 entry are cited in the NVD references. CVE publishedAt is 2017-02-01T20:59:00.237Z; modifiedAt is 2026-05-13T00:24:29.033Z.

Official resources

Publicly disclosed in NVD on 2017-02-01T20:59:00.237Z. The NVD record was modified on 2026-05-13T00:24:29.033Z. No KEV listing is provided in the supplied data.