Описание
IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and VALIDATE_SOAP_USERS options are enabled, places credentials into the AOPSCLOG (aka AOPLOG) data set, which allows local users to obtain sensitive information by reading the data.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ibm:tivoli_event_pump:4.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
1.9 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and VALIDATE_SOAP_USERS options are enabled, places credentials into the AOPSCLOG (aka AOPLOG) data set, which allows local users to obtain sensitive information by reading the data.
EPSS
Процентиль: 16%
0.0005
Низкий
1.9 Low
CVSS2
Дефекты
CWE-200