IBM Security Bulletin: BigFix Platform has a vulnerability where information is exposed through Log Files (CVE-2016-0296)

Sensitive information (e.g. admin user name) is exposed in log files

CVE(s): CVE-2016-0296

Affected product(s) and affected version(s):

BigFix Platform version 9.0
BigFix Platform version 9.1
BigFix Platform version 9.2
BigFix Platform version 9.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21993213
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/111364



from IBM Product Security Incident Response Team https://www.ibm.com/blogs/psirt/ibm-security-bulletin-bigfix-platform-has-a-vulnerability-where-information-is-exposed-through-log-files-cve-2016-0296/