Medium Severity

Security Bulletin: Information Exposure vulnerability found on IBM Security Secret Server (CVE-2019-4634)

Share this post:

This security bulletin describes plugging some potential, minor yet significant, information leaks by the IBM Security Secret Server Web server.
IBM Security Secret Server may unintentionally disclose information about their underlying technologies through headers, error messages, version numbers, or other identifying information. An attacker can use that information to research vulnerabilities in those technologies to attack the application to breach the system.

Affected Products and Versions

IBM Security Secret Server, All Versions
Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1099773
More Medium Severity stories

Security Bulletin: A vulnerability in IBM Java Runtime affects IBM CICS TX on Cloud

Apr 14, 2021 9:23 am EDT | Low Severity

IBM CICS TX on Cloud has addressed the following vulnerability reported by IBM® Runtime Environment Java™ ...read more


Security Bulletin: A vulnerability in IBM Java Runtime affects IBM CICS TX on Cloud

Apr 14, 2021 9:23 am EDT | Low Severity

IBM CICS TX on Cloud has addressed the following vulnerability reported by IBM® Runtime Environment Java™ ...read more


Security Bulletin: A vulnerability in IBM Java Runtime affects TXSeries for Multiplatforms

Apr 14, 2021 9:23 am EDT | Low Severity

TXSeries for Multiplatforms has addressed the following vulnerability reported by IBM® Runtime Environment Java™ ...read more