CVE-2013-4025

Currently unrated

Key Information:

Vendor
IBM
Status
Data Studio Web Console
Infosphere Optim Configuration Manager
Optim Performance Manager
Db2 Recovery Expert
Vendor
CVE Published:
25 September 2013

Summary

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21650504
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/85933
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.