2 matches found
Security Bulletin: IBM Security Access Manager uses configuration files with obfuscated passwords that can be accessed by authenticated users (CVE-2015-5013)
Summary The IBM Security Access Manager appliance stores obfuscated passwords in plain-text configuration files that can be accessed by authenticated users. Vulnerability Details CVEID: CVE-2015-5013 DESCRIPTION: The appliance includes configuration files that contain obfuscated...
CVE-2015-5013
CVE-2015-5013 affects IBM Security Access Manager appliances where configuration files store obfuscated plaintext passwords that can be accessed by authenticated users (local exposure). IBM’s bulletin lists affected products and firmware ranges: Web 8.0.x (8.0.0.0–8.0.1.4) with upgrade to 8.0.1.5...