PT-2012-4644 · Ibm · Ibm Infosphere Guardium

Published

2012-08-29

Updated

2017-08-29

CVE-2012-3312

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Guardium versions 8.2 and earlier

Description The issue concerns the transmission of cleartext database credentials over the network when the save-password setting is enabled in the datasource definition editor. This allows remote attackers to obtain sensitive information by sniffing the network.

Recommendations For IBM InfoSphere Guardium versions 8.2 and earlier, disable the save-password setting in the datasource definition editor to prevent the transmission of cleartext database credentials.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2012-3312

Affected Products

Ibm Infosphere Guardium

PT-2012-4644 · Ibm · Ibm Infosphere Guardium

CVE-2012-3312

Weakness Enumeration

Related Identifiers

Affected Products

References · 5