3 matches found
CVE-2015-7434
IBM Capacity Management Analytics 2.1.0.0 contains a local-authentication disclosure flaw: a local user on the CMA install machine can obtain other CMA users’ encrypted usernames and passwords via a static password in setenv.sh. The issue is actionable on the CMA install host and is fixed in CMA ...
CVE-2015-7433
IBM Capacity Management Analytics 2.1.0.0 is affected by CVE-2015-7433, where a local attacker on the CMA install machine can obtain other CMA users’ usernames and plaintext passwords during installation. The issue arises from insecure handling during the CMA install process. The IBM security bul...
CVE-2015-7432
CVE-2015-7432 affects IBM Capacity Management Analytics 2.1.0.0. A local attacker with special privileges could decrypt usernames and passwords by abusing access to the files setenv.sh and parameter.txt, exposing sensitive credentials. The IBM advisory confirms the vulnerability exists in CMA 2.1...