Monday, October 5, 2020

Security Bulletin: IBM DataPower Gateway can expose remote credentials to local users (CVE-2020-4528)

Oct 5, 2020 8:00 pm EDT

Categorized: Medium Severity

Passwords provided as part of a URL for an administrative COPY command may appear in the administrative log. If the password is not provided in the URL, it will be prompted for, and will not appear in the log.

Affected product(s) and affected version(s):

| Affected Product(s) | Version(s) |
|---|---|
| IBM DataPower Gateway | 10.0.0.0 |
| IBM DataPower Gateway | 2018.4.1.0-2018.4.1.12 |

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6333033
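
To check whether existing logs already hold passwords of the kind described above, the following added example (not part of the IBM bulletin or any IBM tooling) scans log lines for URLs with embedded `user:password@` credentials and produces a redacted copy. The sample lines, hosts, users and passwords are constructed, and the line layout is an assumption rather than DataPower's actual log format.

```python
import re

# scheme://user:password@host inside free text. The password may itself contain
# '@' (the greedy match backtracks to the last '@' before the host) but never
# '/' or whitespace, so host:port/path URLs without credentials do not match.
URL_CRED = re.compile(
    r"(?P<scheme>[a-z][a-z0-9+.-]*)://(?P<user>[^\s:/@]+):"
    r"(?P<password>[^\s/]+)@(?P<host>[^\s/:@]+)",
    re.IGNORECASE,
)

# Constructed sample lines (not real DataPower log output); every host, user
# and password here is invented for the example.
SAMPLE_LOG = [
    "2020-10-05T12:00:01Z admin cli: copy scp://backup:S3cr3t@10.0.0.5/export.zip local:///export.zip",
    "2020-10-05T12:03:44Z admin cli: copy scp://backup@10.0.0.5/export.zip local:///export.zip",
    "2020-10-05T12:07:19Z admin cli: copy sftp://ops:p@ss@files.example.test:22/cfg.xml local:///cfg.xml",
    "2020-10-05T12:09:02Z admin cli: copy https://files.example.test:8443/fw.bin local:///fw.bin",
]


def _mask(m):
    # Keep scheme, user and host for triage; drop the secret.
    return f"{m['scheme']}://{m['user']}:********@{m['host']}"


def scan(lines):
    """Return (findings, redacted_lines); findings never contain the password."""
    findings, redacted = [], []
    for lineno, line in enumerate(lines, start=1):
        for m in URL_CRED.finditer(line):
            findings.append({"line": lineno, "scheme": m["scheme"].lower(),
                             "user": m["user"], "host": m["host"]})
        redacted.append(URL_CRED.sub(_mask, line))
    return findings, redacted


if __name__ == "__main__":
    found, clean = scan(SAMPLE_LOG)
    for f in found:
        print(f"line {f['line']}: {f['scheme']} credentials for {f['user']}@{f['host']}")
    print("\n".join(clean))
```

Findings deliberately omit the password, so the report can be shared when deciding which remote credentials to rotate.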



from IBM Product Security Incident Response Team https://ift.tt/3jz3iI1
