First published: Thu May 24 2018(Updated: )
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Tivoli Application Dependency Discovery Manager | >=7.2.0<=7.2.1.4 | |
IBM Tivoli Application Dependency Discovery Manager | =7.1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2013-3023.
The severity of CVE-2013-3023 is high with a CVSS score of 8.1.
IBM Tivoli Application Dependency Discovery Manager versions 7.1.2 and 7.2.0 through 7.2.1.4 are affected by CVE-2013-3023.
Remote attackers can exploit CVE-2013-3023 by sniffing the network for a session in which HTTP is used to obtain sensitive information about Tomcat credentials.
You can find more information about CVE-2013-3023 at the following references: [IBM Support](http://www-01.ibm.com/support/docview.wss?uid=swg21672388) and [IBM X-Force](https://exchange.xforce.ibmcloud.com/vulnerabilities/84361).