PT-2021-12155 · Ibm · Ibm Workload Automation
Published
2021-01-12
·
Updated
2021-01-14
·
CVE-2020-4673
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Workload Automation version 9.5
Description
The issue allows sensitive information to be stored in HTML comments, which could aid in further attacks against the system.
Recommendations
For IBM Workload Automation version 9.5, consider removing or restricting access to sensitive information stored in HTML comments as a temporary mitigation measure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Workload Automation