CVE-2009-5084

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when com.tivoli.am.fim.infocard.delegates.InfoCardSTSDelegate tracing is enabled, creates a cleartext log entry containing a password, which might allow local users to obtain sensitive information by reading the log data.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_federated_identity_manager:6.2.0.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:11

Type Values Removed Values Added
References () http://www-01.ibm.com/support/docview.wss?uid=swg1IZ44560 - Patch () http://www-01.ibm.com/support/docview.wss?uid=swg1IZ44560 - Patch
References () http://www.ibm.com/support/docview.wss?uid=swg24029497 - () http://www.ibm.com/support/docview.wss?uid=swg24029497 -

Information

Published : 2011-08-12 17:55

Updated : 2024-11-21 01:11


NVD link : CVE-2009-5084

Mitre link : CVE-2009-5084

CVE.ORG link : CVE-2009-5084


JSON object : View

Products Affected

ibm

  • tivoli_federated_identity_manager
CWE
CWE-310

Cryptographic Issues