Vulnerability Description
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Security Access Manager | >= 9.0.0, <= 9.0.3.1 |
| Ibm | Security Access Manager For Web | >= 8.0.0, <= 8.0.1.6 |
| Ibm | Security Access Manager For Mobile | >= 8.0.0, <= 8.0.1.6 |
Related Weaknesses (CWE)
References
- http://www.ibm.com/support/docview.wss?uid=swg22012309PatchVendor Advisory
- http://www.securityfocus.com/bid/104471Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/128617VDB EntryVendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg22012309PatchVendor Advisory
- http://www.securityfocus.com/bid/104471Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/128617VDB EntryVendor Advisory
FAQ
What is CVE-2017-1480?
CVE-2017-1480 is a vulnerability with a CVSS score of 4.3 (MEDIUM). IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617...
How severe is CVE-2017-1480?
CVE-2017-1480 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-1480?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Access Manager, Ibm Security Access Manager For Web, Ibm Security Access Manager For Mobile.