IBM SPSS Analytic Server jobs produce logs that contain a password in plaintext which authenticated users can view.
CVEID: CVE-2014-0920** **
**DESCRIPTION:**IBM SPSS Analytic Server jobs produce logs that contain a password in plaintext which authenticated users can view.
CVSS:
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92073> for the current score.
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:N/A:N)
AFFECTED PRODUCTS AND VERSIONS:
IBM SPSS Analytic Server, version 1.0.1 and earlier.
REMEDIATION:
Product | VRMF | APAR | Fix |
---|---|---|---|
IBM SPSS Analytic Server | 1.0.0.0 | PI13527 (APAR 36968) | SPSS Analytic Server 1.0.0.0 IF002 |
IBM SPSS Analytic Server | 1.0.1.0 | PI13527 (APAR 36968) | SPSS Analytic Server 1.0.1.0 IF004 |
None