Information Disclosure Vulnerability in IBM Tivoli Storage Productivity Center
CVE-2019-4138
5.9MEDIUM
What is CVE-2019-4138?
IBM Tivoli Storage Productivity Center versions 5.2.13 to 5.3.0.1 are susceptible to an information disclosure vulnerability due to improper configuration of HTTP Strict Transport Security (HSTS). This misconfiguration allows remote attackers to exploit the vulnerability using man in the middle techniques, potentially gaining access to sensitive information transmitted over the network. Users are advised to check their configurations and apply security best practices to mitigate this vulnerability.
Affected Version(s)
Spectrum Control Standard Edition 5.2.13
Spectrum Control Standard Edition 5.2.14
Spectrum Control Standard Edition 5.2.15