CVE-2015-5013

Severity CVSS v4.0:
Pending analysis
Type:
CWE-522 Insufficiently Protected Credentials
Publication date:
08/02/2017
Last modified:
20/04/2025

Description

The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_access_manager_for_mobile:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*
cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ibm:security_access_manager_9.0:-:*:*:*:*:*:*:*