Log viewer vulnerability affects IBM Workload Deployer.
CVEID:CVE-2014-6190
DESCRIPTION:
Defined system users without proper permissions can access the log viewer functionality by entering the log page URLs in their browser.
CVSS Base Score: 5.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/98561> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
IBM Workload Deployer version 3.1 and later
The solution is to apply the IBM Workload Deployer Iinterim fix6.
Product
|
VRMF
|
Remediation/First Fix
—|—|—
IBM Workload Deployer System| Release V3.1.0.7| IWD 3.1.0.7 Interim Fix 6
None