Information Disclosure Vulnerability in IBM Security Access Manager for Enterprise Single Sign-On
CVE-2013-5420

Currently unrated

Key Information:

Vendor: IBM
Status: Security Access Manager For Enterprise Single Sign-on
Vendor: CVE Published:; 23 December 2013

Summary

The vulnerability allows remote authenticated users leveraging helpdesk privileges to access sensitive log files directly. This incident poses a risk as it could lead to unauthorized exposure of sensitive data, potentially affecting the integrity and confidentiality of the system. Organizations using affected versions should assess their security measures and apply the necessary patches to protect against unauthorized access.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/87482

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21660211

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 23, 2013
Vulnerability Reserved
Aug 22, 2013