IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 116136.
References
Link | Resource |
---|---|
http://www.ibm.com/support/docview.wss?uid=swg22003092 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/98829 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/116136 | VDB Entry Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2017-06-07T17:00:00
Updated: 2017-06-08T09:57:01
Reserved: 2016-06-29T00:00:00
Link: CVE-2016-5959
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-06-07T17:29:00.427
Modified: 2017-06-13T16:37:54.747
Link: CVE-2016-5959
JSON object: View
Redhat Information
No data.
CWE