CVE-2013-3023

Published: May 24, 2018Modified: Nov 21, 2024

8.1

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.2 / Impact: 5.9

Source: NVD

Description

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361.

Affected (2)

Products: Ibm: Tivoli Application Dependency Discovery Manager

1 product

Tivoli Application Dependency Discovery Manager

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Tivoli Application Dependency Discovery Manager	From 7.2.0 to 7.2.1.4
Ibm Tivoli Application Dependency Discovery Manager	Version 7.1.2

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21672388

Source: psirt@us.ibm.com

MitigationVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/84361

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21672388

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/84361

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

Timeline

No history available yet.