Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>CERT-MU Vulnerability Note VN-2017-24

CERT-MU Vulnerability Note VN-2017-24


Vulnerability in IBM Security Access Manager
Severity Rating: Medium
System Affected:  
 
  • Version(s): Appliance 8.0.0.2, 8.0.0.4, 8.0.0.5, 8.0.1, 8.0.1.2, 8.0.1.3, 8.0.1.4, 9.0.0.1, 9.0.1.0, 9.0.2.0
 
Description:
 
A vulnerability has been identified in IBM Security Access Manager.
 
This vulnerability allows a local user to obtain passwords on the target system.
 
The IBM Security Access Manager appliance stores obfuscated passwords in plain-text configuration files that can be accessed by local users.

Source:
Solution
Users are advised to apply updates.
 
 
Vendor Information
IBM
 
CVE Information
 
References
Security Tracker
 
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis