Описание
Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 and InfoSphere Business Glossary 8.1.1 and 8.1.2 does not have an off autocomplete attribute for the password field on the login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:infosphere_business_glossary:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_business_glossary:8.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00084
Низкий
1.9 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 and InfoSphere Business Glossary 8.1.1 and 8.1.2 does not have an off autocomplete attribute for the password field on the login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
EPSS
Процентиль: 25%
0.00084
Низкий
1.9 Low
CVSS2
Дефекты
CWE-200