The RMI Dispatcher listening port does not require authentication by default. The Dispatcher has added credential checking to ensure only authenticated users have adapter access.
CVE(s): CVE-2017-1483
Affected product(s) and affected version(s):
IBM Security Identity Manager v6.0 Adapters
Security Identity Adapters v7.x for ISIM 7.0, IGI 5.2.x, and PIM 2.x
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2hvXMr2
X-Force Database: http://ift.tt/2hvimLM
The post IBM Security Bulletin: RMI Dispatcher port used by Security Identity Adapters is not authenticated by default appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2hvXOza
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.