IBM Tivoli Event Pump 4.2.2, when the LOG_REQUESTS and VALIDATE_SOAP_USERS options are enabled, places credentials into the AOPSCLOG (aka AOPLOG) data set, which allows local users to obtain sensitive information by reading the data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm tivoli event pump 4.2.2 |