PT-2014-7066 · Ibm · Connect:Direct Server Adapter+1
Published
2014-11-08
·
Updated
2017-09-08
·
CVE-2014-6146
CVSS v2.0
1.9
Low
| Vector | AV:L/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Sterling B2B Integrator versions 5.2.x through 5.2.4
Description
The issue allows local users to obtain sensitive information by reading log files due to improper processing of the logging configuration when the Connect:Direct Server Adapter is configured.
Recommendations
For versions 5.2.x through 5.2.4, consider restricting access to log files as a temporary workaround until a patch is available.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Connect:Direct Server Adapter
Ibm Sterling B2B Integrator