Skip to main content

Generation of Error Message Containing Sensitive Information

CVE-2020-4164

Severity Low
Score 2.7/10

Summary

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could expose sensitive information from applicatino errors which could be used in further attacks against the system. IBM X-Force ID: 174400.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • HIGH
  • LOW
  • NONE

CWE-209 - Generation of Error Message Containing Sensitive Information

The software generates an error message that includes sensitive information about its environment, users, or associated data.

References

Advisory Timeline

  • Published