CVE-2019-4562

Name of the Vulnerable Software and Affected Versions IBM Security Directory Server version 6.4.0

Description The issue concerns the storage of sensitive information in URLs, which may lead to information disclosure if unauthorized parties gain access to these URLs through server logs, referer headers, or browser history.

Recommendations For IBM Security Directory Server version 6.4.0, consider restricting access to server logs and implementing measures to protect browser history to minimize the risk of information disclosure. As a temporary workaround, avoid using sensitive information in URLs until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.