Security Bulletin: Two vulnerabilities fixed in recent IBM ServerGuide, UXSPI and ToolsCenter Suite release (CVE-2014-4244, CVE-2104-4835)

Summary IBM ToolsCenter Suite is affected by one vulnerability in Java, while IBM ServerGuide, UXSPI and ToolsCenter Suite are all affected by an additional vulnerability. Vulnerability Details Abstract IBM ToolsCenter Suite is affected by one vulnerability in Java, while IBM ServerGuide, UXSPI a...

CVE-2014-4835

IBM ServerGuide before 9.63, UpdateXpress System Packs Installer UXSPI before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file...

Design/Logic Flaw

IBM ServerGuide before 9.63, UpdateXpress System Packs Installer UXSPI before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file...

CVE-2014-4835

IBM ServerGuide before 9.63, UpdateXpress System Packs Installer UXSPI before 9.63, and ToolsCenter Suite before 9.63 place credentials in logs, which allows local users to obtain sensitive information by reading a file...

CVE-2014-4835

The CVE-2014-4835 issue affects IBM ServerGuide before 9.63, UpdateXpress System Packs Installer (UXSPI) before 9.63, and ToolsCenter Suite before 9.63. The root cause is credentials being written to log files, enabling a local user to read sensitive information. Impact is partial confidentiality...