Required CVE Record Information
Description
ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x and 9.x includes the administrator password in the HTML source code, which might allow remote attackers to obtain sensitive information by leveraging read access to this file.
References 4 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- securityfocus.com: 20101109 IBM OmniFind - several vulnerabilities mailing-listx_transferred
- securityfocus.com: 44740 vdb-entryx_transferred
- http://security.fatihkilic.de/advisory/fkilic-sa-2010-ibm-omnifind.txt x_transferred
- vupen.com: ADV-2010-2933 vdb-entryx_transferred