CVE-2020-4405
Summary: IBM Verify Gateway (IVG) PAM components are affected in IVG 1.0.0 and 1.0.1, where debug log files can be world-readable and disclose potentially sensitive information to an authenticated user. The issue arises from logs written to /tmp via trace-file parameters, creating exposure of log...