PT-2015-1612 · Ibm · Ibm Security Siteprotector System

Publicado

2015-05-25

·

Atualizado

2015-05-26

·

CVE-2015-0170

CVSS v2.0

2.1

Baixa

VetorAV:L/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions IBM Security SiteProtector System versions 3.0 through 3.0.0.6 IBM Security SiteProtector System versions 3.1 through 3.1.0.3 IBM Security SiteProtector System versions 3.1.1 through 3.1.1.1
Description The issue is related to the lack of protection for service data, allowing local users to obtain sensitive information by reading cached data. This can be exploited by an attacker to gain access to protected information.
Recommendations For IBM Security SiteProtector System versions 3.0 through 3.0.0.6, update to version 3.0.0.7 or later. For IBM Security SiteProtector System versions 3.1 through 3.1.0.3, update to version 3.1.0.4 or later. For IBM Security SiteProtector System versions 3.1.1 through 3.1.1.1, update to version 3.1.1.2 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

BDU:2015-10945
CVE-2015-0170

Produtos afetados

Ibm Security Siteprotector System