NuytsTech Security

CVE-2012-0742

by ·

IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and VALIDATE_SOAP_USERS options are enabled, places credentials into the AOPSCLOG (aka AOPLOG) data set, which allows local users to obtain sensitive information by reading the data.

Date published : 2012-04-09

http://www-01.ibm.com/support/docview.wss?uid=swg1OA38586

https://exchange.xforce.ibmcloud.com/vulnerabilities/74641

Tags: