IBM Common Licensing Password Exposure Vulnerability

Vulnerability

A vulnerability exists in IBM Common Licensing version 9.0, where user credentials are stored in plain text, allowing local users to read them. This issue could lead to unauthorized access to user accounts if an attacker gains access to the logged-in user's session. The vulnerability is present in both the IBM License Key Server Administration and Reporting Tool and its Agent.

Impact

Exposing user credentials in plain text could allow local users to access accounts of logged-in users, potentially leading to unauthorized actions or access.

Remediation

Users are advised to update to IBM Common Licensing version 9.0.0.1. For those using the IBM License Key Server Administration Agent, version 9001 is available. Instructions for updating can be found on the IBM Support website.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 3.3
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.