IBM WebSphere Application Snoop Servlets Information Disclosure Vulnerability
BID:53755
Info
IBM WebSphere Application Snoop Servlets Information Disclosure Vulnerability
| Bugtraq ID: | 53755 |
| Class: | Access Validation Error |
| CVE: |
CVE-2012-2170 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 01 2012 12:00AM |
| Updated: | Jun 01 2012 12:00AM |
| Credit: | Reported by the vendor |
| Vulnerable: |
IBM Websphere Application Server 8.0 IBM Websphere Application Server 7.0 IBM Websphere Application Server 6.1 |
| Not Vulnerable: |
IBM Websphere Application Server 8.0.0.4 IBM Websphere Application Server 7.0.0.23 IBM Websphere Application Server 6.1.0.45 |
Discussion
IBM WebSphere Application Snoop Servlets Information Disclosure Vulnerability
IBM WebSphere Application Server (WAS) is prone to an information-disclosure vulnerability.
Exploiting this issue may allow an attacker to access sensitive information that may aid in further attacks.
This issue affects WAS 6.1, 7.0 and 8.0.
IBM WebSphere Application Server (WAS) is prone to an information-disclosure vulnerability.
Exploiting this issue may allow an attacker to access sensitive information that may aid in further attacks.
This issue affects WAS 6.1, 7.0 and 8.0.
Exploit / POC
IBM WebSphere Application Snoop Servlets Information Disclosure Vulnerability
An attacker can exploit this issue through a browser.
An attacker can exploit this issue through a browser.
Solution / Fix
IBM WebSphere Application Snoop Servlets Information Disclosure Vulnerability
Solution:
Vendor updates are available. Please see the references for more information.
Solution:
Vendor updates are available. Please see the references for more information.
References
IBM WebSphere Application Snoop Servlets Information Disclosure Vulnerability
References:
References: