Skip to main content

CVE-2006-6607

Severity Low
Score 2.7/10

Summary

The Java Key Store (JKS) for WebSphere Application Server (WAS) for IBM Tivoli Identity Manager (ITIM) 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods.

  • LOW
  • ADJACENT_NETWORK
  • SINGLE
  • NONE
  • PARTIAL
  • NONE

References

Advisory Timeline

  • Published