CVE-2016-3045

low

Description

IBM Security Access Manager for Web stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referer header or browser history.

References

http://www.securityfocus.com/bid/95103

http://www.ibm.com/support/docview.wss?uid=swg21995435

Details

Source: Mitre, NVD

Published: 2017-02-01

Updated: 2026-05-13

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: Low

EPSS

EPSS: 0.00187