IBM Security Bulletin: IBM InfoSphere Information Server sometimes records sensitive data when an installation fails (CVE-2013-5440)
In certain situations after a specific error has been encountered and InfoSphere Information Server installation fails, sensitive data is recorded in a file. For releases 8.5 and earlier this vulnerability can occur only when updating an existing installation with maintenance. For releases 8.7and onwards, this vulnerability can occur when performing all types of installations including new installations, adding of components not previously installed and updating an existing installation with maintenance. If the installation does not fail no sensitive information will be recorded and there is no vulnerability.
IBM InfoSphere Information Server Versions 8.0, 8.1, 8.5, 8.7, and 9.1 running on all platforms