PT-2021-14055 · IBM · IBM Security Secret Server

Published: 2021-09-14 · Updated: 2022-07-12 · CVE-2021-20582

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: IBM Security Secret Server versions up to 11.0
Description: The issue arises from the storage of sensitive information in URL parameters, potentially leading to information disclosure if unauthorized parties access the URLs through server logs, referrer headers, or browser history.
Recommendations: For IBM Security Secret Server versions up to 11.0, consider implementing measures to restrict access to server logs and referrer headers, and advise users to clear their browser history regularly to minimize the risk of information disclosure. As a temporary workaround, consider configuring the server to not store sensitive information in URL parameters until a more permanent solution is available.
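
As an added illustration of the log-exposure path named in the description and recommendations (not IBM's code and not part of the advisory): a scrubber that redacts sensitive query-string values from the request line and Referer field of combined-format access log lines before they are stored or forwarded. The parameter names, hostname and log lines are constructed assumptions; the advisory does not name the affected parameters.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Hypothetical names: the advisory does not say which parameters are affected.
SENSITIVE_PARAMS = {"password", "token", "secret", "apikey", "sessionid"}

# Request target and Referer fields of a combined-format access log line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) (?P<proto>HTTP/[\d.]+)"')
REFERER_RE = re.compile(r'" \d{3} \S+ "(?P<url>[^"]*)"')

# Constructed sample lines (documentation IP ranges, made-up host and values).
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Sep/2021:10:00:00 +0000] "GET /app/view?id=12&token=abc123 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [14/Sep/2021:10:00:05 +0000] "GET /static/site.css HTTP/1.1" 200 900 "https://vault.example/app/view?id=12&token=abc123" "Mozilla/5.0"',
    '203.0.113.9 - - [14/Sep/2021:10:01:00 +0000] "GET /app/list?page=2 HTTP/1.1" 200 300 "-" "curl/7.79"',
]

def redact_url(url):
    """Return (url_with_sensitive_values_redacted, names_of_redacted_params)."""
    parts = urlsplit(url)
    hits, pairs = [], []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in SENSITIVE_PARAMS and value:
            hits.append(name)
            value = "REDACTED"
        pairs.append((name, value))
    if not hits:
        return url, []  # leave untouched URLs byte-for-byte identical
    return urlunsplit(parts._replace(query=urlencode(pairs))), hits

def scrub_line(line):
    """Redact the request target and the Referer of one log line.

    Returns (scrubbed_line, redacted_param_names) so callers can also alert.
    """
    found = []

    def repl(match):
        new_url, hits = redact_url(match.group("url"))
        found.extend(hits)
        return match.group(0).replace(match.group("url"), new_url, 1)

    line = REQUEST_RE.sub(repl, line, count=1)
    line = REFERER_RE.sub(repl, line, count=1)
    return line, found

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        scrubbed, names = scrub_line(entry)
        print(("LEAK " if names else "ok   ") + scrubbed)
```

The second sample line shows why the Referer field matters: the request itself is for a static file, yet the previous page's URL, including its query string, is recorded with it.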

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2021-20582

Affected Products

IBM Security Secret Server