Lucene search
IBMA82CA9A028C24BB1622916BC5998AEEB7A281F8DA27B0827212F87CEF52BE2FAHistoryJun 16, 2018 - 1:14 p.m.
Security Bulletin: Password displayed in plaintext in logs (CVE-2014-0920)
2018-06-1613:14:14
www.ibm.com
5
0.001 Low
EPSS
Percentile
46.4%
Summary
IBM SPSS Analytic Server jobs produce logs that contain a password in plaintext which authenticated users can view.
Vulnerability Details
CVEID: CVE-2014-0920** **
**DESCRIPTION:**IBM SPSS Analytic Server jobs produce logs that contain a password in plaintext which authenticated users can view.
CVSS:
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92073> for the current score.
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:N/A:N)
AFFECTED PRODUCTS AND VERSIONS:
IBM SPSS Analytic Server, version 1.0.1 and earlier.
REMEDIATION:
| Product | VRMF | APAR | Fix |
|---|---|---|---|
| IBM SPSS Analytic Server | 1.0.0.0 | PI13527 (APAR 36968) | SPSS Analytic Server 1.0.0.0 IF002 |
| IBM SPSS Analytic Server | 1.0.1.0 | PI13527 (APAR 36968) | SPSS Analytic Server 1.0.1.0 IF004 |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm spss analytic server | eq | 1.0.1 | |
| ibm spss analytic server | eq | 1.0 |
Related
seebug
seebug
IBM SPSS Analytic Server信任管理漏洞
2014-04-15 00:00:00
nvd
nvd
CVE-2014-0920
2014-04-10 23:55:24
cve
cve
CVE-2014-0920
2014-04-10 23:55:24
prion
prion
Code injection
2014-04-10 23:55:00
cvelist
cvelist
CVE-2014-0920
2014-04-10 23:00:00
0.001 Low
EPSS
Percentile
46.4%
Related for A82CA9A028C24BB1622916BC5998AEEB7A281F8DA27B0827212F87CEF52BE2FA