2 matches found
CVE-2020-4164
CVE-2020-4164 affects IBM Security Information Queue (ISIQ) versions 1.0.0–1.0.5, where application error messages could disclose sensitive information, creating potential information-disclosure risk. The root issue is that error outputs may reveal data that could aid further attacks. The advisor...
Security Bulletin: IBM Security Information Queue could reveal sensitive data in application error messages (CVE-2020-4164)
Summary In response to certain application errors, IBM Security Information Queue ISIQ could output messages that contain sensitve data, which could then be used to gain unauthorized system access. As of v1.0.6, ISIQ no longer includes sensitve data when outputting error messages. Vulnerability...