IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.10.and 7.1.0.000 through 7.1.11 could allow a remote attacker to obtain sensitive information, caused by improper authentication of a websocket endpoint. By using known tools to subscribe to the websocket event stream, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 188993.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Spectrum_protect_operations_center | Ibm | 7.1.0.000 (including) | 7.1.11 (including) |
Spectrum_protect_operations_center | Ibm | 8.1.0.000 (including) | 8.1.10 (including) |