CVE-2013-0555: IBM Security Access Manager for Enterprise Single Sign-On information disclosure

2013-07-23T00:00:00
ID CVE-2013-0555
Type cve
Reporter NVD
Modified 2013-07-23T00:00:00

Description

The sync.exe process of IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) can be exploited by a local system administrative user through the use of code injection to compromise local data. The attack requires authentication as an Administrative user, can only be exploited locally, and some degree of specialized knowledge is required. An exploit would not impact the data integrity or the availability of the system, but the confidentiality of information could be compromised.