Monday, August 15, 2016

IBM Security Bulletin: A vulnerability in the IBM BixFix Platform could allow passwords to be transmitted in clear text (CVE-2016-0292, CVE-2016-0397)

Web Reports/BigFix Platform passwords are transmitted in clear text by default. WebReports should be configured to use HTTPS

CVE(s): CVE-2016-0292, CVE-2016-0397

Affected product(s) and affected version(s):

9.0, 9.1, 9.2, 9.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2bhQHJA
X-Force Database: http://ift.tt/2b91DYA
X-Force Database: http://ift.tt/2bhQzcX



from IBM Product Security Incident Response Team http://ift.tt/2b91ioY

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.