Security Bulletin: Overly Permissive CORS Policy vulnerability found on IBM Security Secret Server (CVE-2019-4633)

This security bulletin describes the closing of some potential information leaks, minor yet significant, in IBM Security Secret Server. IBM Security Secret Server has an overly permissive CORS policy for login.

Affected product(s) and affected version(s):

Affected Product(s): IBM Security Secret Server
Version(s): All

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1283200

The post Security Bulletin: Overly Permissive CORS Policy vulnerability found on IBM Security Secret Server (CVE-2019-4633) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2RmRE7v