Vulnerability in IBM Security Access Manager
Severity Rating: Medium
System Affected:
- Version(s): Appliance 8.0.0.2, 8.0.0.4, 8.0.0.5, 8.0.1, 8.0.1.2, 8.0.1.3, 8.0.1.4, 9.0.0.1, 9.0.1.0, 9.0.2.0
Description:
A vulnerability has been identified in IBM Security Access Manager.
This vulnerability allows a local user to obtain passwords on the target system.
The IBM Security Access Manager appliance stores obfuscated passwords in plain-text configuration files that can be accessed by local users.
Source:
Solution
Users are advised to apply updates.
Vendor Information
IBM
CVE Information
References
Security Tracker
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis