Vulnerability in Ibm Tivoli_federated_identity_manager

CVE-2009-5084

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when com.tivoli.am.fim.infocard.delegates.InfoCardSTSDelegate tracing is enabled, creates a cleartext log entry containing a password, which might allow local users to obta…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.001 (16.4th percentile) — read the EPSS interpretation.

Affected products

Ibm Tivoli_federated_identity_manager — versions 6.2.0, 6.2.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

IZ44560 (vendor-advisory, Patch, x_refsource_AIXAPAR)
cve@mitre.org (x_refsource_CONFIRM)