Design/Logic Flaw

2013-09-2510:31:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.7%

JSON

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x support HTTP access to the Web Console, which allows remote attackers to read session cookies by sniffing the network.

CPENameOperatorVersion
data_studio_web_consoleeq3.1.0
db2_recovery_experteq2.0
infosphere_optim_configuration_managereq2.1
infosphere_optim_configuration_managereq2.0
optim_performance_managereq5.1.0

Name	Operator	Version
data_studio_web_console	eq	3.1.0
db2_recovery_expert	eq	2.0
infosphere_optim_configuration_manager	eq	2.1
infosphere_optim_configuration_manager	eq	2.0
optim_performance_manager	eq	5.1.0