IBM Data Studio Web Console 3.x prior to 3.2, Optim Performance Manager 5.x prior to 5.2, InfoSphere Optim Configuration Manager 2.x prior to 2.2, and DB2 Recovery Expert 2.x support HTTP access to the Web Console, which allows remote malicious users to read session cookies by sniffing the network.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm db2 recovery expert 2.0 |
||
ibm infosphere optim configuration manager 2.0 |
||
ibm infosphere optim configuration manager 2.1 |
||
ibm data studio web console 3.1.0 |
||
ibm optim performance manager 5.1.0 |