Vulnerability in Ibm Security_access_manager_for_enterprise_single_sign-on

CVE-2013-5420

The IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to read log files by leveraging helpdesk privileges for a direct request.

EPSS: 0.002 (36.5th percentile) — read the EPSS interpretation.

Affected products

Ibm Security_access_manager_for_enterprise_single_sign-on — versions 8.2
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

ibm-sam-cve20135420-info-disc(87482) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)