PT-2014-2935 · Ibm · Algo Security Access Control Management+3
Published
2014-03-05
·
Updated
2017-08-29
·
CVE-2013-5468
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Algo One versions 4.7.0 through 5.0.0
ACSWeb in Algo Security Access Control Management versions 4.7.0 through 4.9.0
ACSWeb in AlgoWebApps version 5.0.0
Description
The issue allows remote attackers to obtain sensitive information by sniffing the network due to the lack of encryption in login requests.
Recommendations
For IBM Algo One versions 4.7.0 through 5.0.0, consider implementing encryption for login requests.
For ACSWeb in Algo Security Access Control Management versions 4.7.0 through 4.9.0, consider implementing encryption for login requests.
For ACSWeb in AlgoWebApps version 5.0.0, consider implementing encryption for login requests.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acsweb
Algo Security Access Control Management
Algowebapps
Ibm Algo One