IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409
References
Link | Resource |
---|---|
http://www.ibm.com/support/docview.wss?uid=swg21989124 | Vendor Advisory |
http://www.securityfocus.com/bid/99379 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/110409 | Vendor Advisory |
http://www.ibm.com/support/docview.wss?uid=swg21989124 | Vendor Advisory |
http://www.securityfocus.com/bid/99379 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/110409 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:41
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.ibm.com/support/docview.wss?uid=swg21989124 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/99379 - Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/110409 - Vendor Advisory |
Information
Published : 2017-07-05 13:29
Updated : 2024-11-21 02:41
NVD link : CVE-2016-0238
Mitre link : CVE-2016-0238
CVE.ORG link : CVE-2016-0238
JSON object : View
Products Affected
ibm
- security_guardium
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor