Tuesday, April 28, 2020

Security Bulletin: Sensitive Information Disclosed in Logs (CVE-2019-4286)

Apr 28, 2020 8:01 pm EDT

Categorized: Medium Severity

Share this post:

IBM Maximo Anywhere discloses sensitive information such as usernames, passwords, session token and other cookies in device/console logs.

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s)
IBM Maximo Anywhere 7.6.2
IBM Maximo Anywhere 7.6.3

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6202556



from IBM Product Security Incident Response Team https://ift.tt/3bKD4i4

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.