The RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 does not send appropriate Cache-Control HTTP headers, which allows remote malicious users to obtain sensitive information by leveraging an unattended workstation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm operational decision manager 7.5 |
||
ibm operational decision manager 8.0 |
||
ibm operational decision manager 8.5 |