CVE-2016-8982

IBM InfoSphere Information Server stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history.

Published: Feb 1, 2017
Updated: Apr 13, 2023
CVE: CVE-2016-8982
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
ibm / infosphere_datastage	9.1	9.1.x
ibm / infosphere_datastage	8.7	8.7.x
ibm / infosphere_datastage	11.3	11.3.x

http://www.ibm.com/support/docview.wss?uid=swg21995895
http://www.securityfocus.com/bid/95651
http://www.securitytracker.com/id/1037616

Vulnerability Database

289,784

CVE-2016-8982