CVE 2016-8977

IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system.

See the CVE page on Mitre.org for more details.