PT-2025-23422 · Ibm · Ibm Infosphere Information Server
Published
2025-05-31
·
Updated
2025-06-01
·
CVE-2025-1499
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM InfoSphere Information Server version 11.7
Description
The issue concerns the storage of credential information for database authentication in a cleartext parameter file. This file could be viewed by an authenticated user, potentially exposing sensitive information.
Recommendations
For IBM InfoSphere Information Server version 11.7, consider restricting access to the parameter file that stores database authentication credentials to minimize the risk of exploitation. Additionally, review and modify the authentication configuration to avoid storing credentials in cleartext. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Infosphere Information Server