Lucene search

[email protected]CVE-2007-1940

HistoryApr 11, 2007 - 1:19 a.m.

CVE-2007-1940

2007-04-1101:19:00

[email protected]

web.nvd.nist.gov

ibm

tivoli

business service manager

tbsm

plaintext password

logging

vulnerability

nvd

cve-2007-1940

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

5.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 logs passwords in plaintext, which allows local users to obtain sensitive information by reading (1) ncisetup.db or (2) msi.log.

Affected configurations

NVD

Node

ibmtivoli_business_service_managerMatch4.1

CPENameOperatorVersion
ibm:tivoli_business_service_manageribm tivoli business service managereq4.1

CPE	Name	Operator	Version
ibm:tivoli_business_service_manager	ibm tivoli business service manager	eq	4.1

References

osvdb.org/34770

secunia.com/advisories/24763

www-1.ibm.com/support/docview.wss?uid=swg24015473

www.securityfocus.com/bid/23298

www.securitytracker.com/id?1017869

www.vupen.com/english/advisories/2007/1248

exchange.xforce.ibmcloud.com/vulnerabilities/33426

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

5.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-1940

prion1 nvd1 cvelist1 securityvulns1