PatchSiren cyber security CVE debrief
CVE-2015-5013 IBM CVE debrief
IBM Security Access Manager appliances exposed configuration files that contained obfuscated plaintext passwords to authenticated users, creating an information-disclosure risk. The issue maps to CWE-522 and is scored medium severity because it requires local access and low privileges, but successful access could reveal sensitive credentials.
- Vendor: IBM
- Product: CVE-2015-5013
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-02-08
- Original CVE updated: 2026-05-13
- Advisory published: 2017-02-08
- Advisory updated: 2026-05-13
Who should care
IBM Security Access Manager administrators, IAM and security operations teams, and anyone managing affected appliance or firmware deployments, especially environments where configuration files may be readable by authenticated users.
Technical summary
NVD describes a credential exposure issue in IBM Security Access Manager appliance configuration files: obfuscated plaintext passwords could be accessed by authenticated users. The NVD record maps the flaw to CWE-522 and lists affected IBM Security Access Manager for Web 8.0 firmware, Security Access Manager for Mobile, and Security Access Manager 9.0 firmware CPEs. The CVSS v3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) indicates a local, low-privilege information disclosure with high confidentiality impact and no direct integrity or availability impact.
Defensive priority
Medium. The vulnerability is not network-exploitable, but exposed credentials can create downstream account compromise or lateral movement risk if affected config files are reachable.
Recommended defensive actions
- Review the IBM PSIRT advisory and apply the vendor-provided patch or remediation guidance for CVE-2015-5013.
- Restrict and audit authenticated access to appliance configuration files, backups, and exports.
- Rotate any passwords or secrets that may have been stored in or exposed through the affected configuration files.
- Validate file permissions and access controls on IBM Security Access Manager appliance deployments.
- Check for similar credential storage patterns in related admin scripts, backups, or configuration bundles.
Evidence notes
All facts here come from the NVD CVE record and IBM PSIRT references. The NVD description states that IBM Security Access Manager appliance configuration files contained obfuscated plaintext passwords accessible to authenticated users. NVD maps the issue to CWE-522 and provides CVSS v3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. IBM's advisory link and third-party references are included in the record.
Official resources
- CVE-2015-5013 CVE record (CVE.org)
- CVE-2015-5013 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference (Patch, Vendor Advisory)
- Mitigation or vendor reference (Third Party Advisory, VDB Entry)
- Mitigation or vendor reference (Third Party Advisory, VDB Entry)
Public CVE record. NVD lists the entry as published on 2017-02-08 and modified on 2026-05-13; this debrief reflects that public record and the linked IBM advisory.