IBM Security Guardium 9.0, 9.1, 9.5, 10.0, and 10.1 transmits sensitive data in cleartext in the query of the request. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 110409
References
Link | Resource |
---|---|
http://www.ibm.com/support/docview.wss?uid=swg21989124 | Vendor Advisory |
http://www.securityfocus.com/bid/99379 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/110409 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-07-05 13:29
Updated : 2024-02-28 16:04
NVD link : CVE-2016-0238
Mitre link : CVE-2016-0238
CVE.ORG link : CVE-2016-0238
JSON object : View
Products Affected
ibm
- security_guardium
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor