Description
IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 210989.
References (2)
Core 2
Core References
Patch, Vendor Advisory vendor-advisory
https://www.ibm.com/support/pages/node/6832964
VDB Entry, Vendor Advisory vdb-entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/210989
Scores
CVSS v3
6.2
EPSS
0.0002
EPSS Percentile
7.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-522
Status
published
Products (1)
ibm/host_access_transformation_services
9.6 - 9.6.1.4
Published
Mar 15, 2024
Tracked Since
Feb 18, 2026