CVE-2012-0742 Information

Description

IBM Tivoli Event Pump 4.2.2 when the LOG_REQUESTS and VALIDATE_SOAP_USERS options are enabled places credentials into the AOPSCLOG (aka AOPLOG) data set which allows local users to obtain sensitive information by reading the data.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1OA38586 https://exchange.xforce.ibmcloud.com/vulnerabilities/74641