CVE-2012-0742

2012-04-0920:00:00

ibm

www.cve.org

AI Score

5.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and VALIDATE_SOAP_USERS options are enabled, places credentials into the AOPSCLOG (aka AOPLOG) data set, which allows local users to obtain sensitive information by reading the data.

References

www-01.ibm.com/support/docview.wss?uid=swg1OA38586

exchange.xforce.ibmcloud.com/vulnerabilities/74641