Short Name |
HTTP:IBM-ACLM-PD |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
IBM Algorithmics RICOS Password Disclosure |
Release Date |
2017/05/14 |
Update Number |
2893 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the IBM Algorithmics RICOS. Successful attack allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document.
RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document.