Описание
The Java Key Store (JKS) for WebSphere Application Server (WAS) for IBM Tivoli Identity Manager (ITIM) 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods.
The Java Key Store (JKS) for WebSphere Application Server (WAS) for IBM Tivoli Identity Manager (ITIM) 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-6607
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30865
- http://secunia.com/advisories/23359
- http://securitytracker.com/id?1017380
- http://www-1.ibm.com/support/docview.wss?uid=swg21251069
- http://www.securityfocus.com/bid/21570
- http://www.vupen.com/english/advisories/2006/4989
EPSS
CVE ID
Связанные уязвимости
The Java Key Store (JKS) for WebSphere Application Server (WAS) for IBM Tivoli Identity Manager (ITIM) 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods.
EPSS