The login page of IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Server (TDS) 6.2 prior to 6.2.0.3-TIV-ITDS-IF0004 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm tivoli directory server 6.2 |
||
ibm tivoli directory server 6.2.0.0 |
||
ibm tivoli directory server 6.2.0.1 |
||
ibm tivoli directory server 6.2.0.2 |