IBM SPSS Analytic Server Vulnerability Logging Cleartext Passwords
CVE-2014-0920

Currently unrated

Key Information:

Vendor: IBM
Status: Spss Analytic Server
Vendor: CVE Published:; 10 April 2014

Summary

The IBM SPSS Analytic Server versions prior to IF002 and 1.0.1 before IF004 contain a vulnerability where cleartext passwords are logged. This flaw allows remote authenticated users to potentially access sensitive information through unspecified methods, leading to unintentional exposure of credentials and undermining the overall security posture of affected systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/92073

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1PI13527

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg21669506

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 10, 2014
Vulnerability Reserved
Jan 6, 2014