Credential Storage Vulnerability in IBM BigFix Platform
CVE-2017-1231
4.4MEDIUM
Summary
The IBM BigFix Platform versions 9.5 through 9.5.9 contains a vulnerability where user credentials are stored in plain text. This exposes sensitive information to local users who can access the system, potentially leading to unauthorized actions by malicious insiders. Organizations using these versions should take immediate steps to mitigate this risk by upgrading to the latest version and ensuring secure credential management practices.
Affected Version(s)
BigFix Platform 9.5
BigFix Platform 9.5.1
BigFix Platform 9.5.2
References
CVSS V3.1
Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved