PT-2017-7598 · Ibm · Ibm Security Guardium
Chris Shepherd
+6
·
Publicado
2017-07-05
·
Atualizado
2017-07-11
·
CVE-2016-0238
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Security Guardium versions 9.0 through 10.1
Description
The issue allows an attacker to obtain sensitive information using man-in-the-middle techniques because sensitive data is transmitted in cleartext in the query of the request.
Recommendations
For IBM Security Guardium versions 9.0 through 10.1, consider implementing encryption for sensitive data transmitted in the query of the request to prevent interception by an attacker.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Security Guardium