IBM WebSphere Application Server Administration Console Information Disclosure
Secunia Advisory SA45749
Release Date 2011-08-30
Criticality level Less criticalLess critical
Impact Exposure of sensitive information
Where From local network
Authentication level Available in Customer Area
Report reliability Available in Customer Area
Solution Status Vendor Patch
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Software:
IBM WebSphere Application Server 6.1.x
IBM WebSphere Application Server 7.0.x
IBM WebSphere Application Server 8.0.x
Secunia CVSS Score Available in Customer Area
CVE Reference(s) No CVE references.
Description
A vulnerability has been reported in IBM WebSphere Application Server, which can be exploited by malicious users to disclose potentially sensitive information.
The vulnerability is caused due to an unspecified error in the administration console and can be exploited to view restricted files.
The vulnerability is reported in versions 6.1.0.0 through 6.1.0.39, 7.0.0.0 through 7.0.0.18, and 8.0.0.0.
Solution
Apply fixes. Please see vendor's advisory for more details.
Provided and/or discovered by
Reported by the vendor
Original Advisory
http://www.ibm.com/support/docview.wss?uid=swg21509257
Posljednje sigurnosne preporuke