IBM WebSphere Application Server 'addNode.log' Information Disclosure Vulnerability Network Vulnerability

Summary

IBM WebSphere Application Server (WAS) is prone to an information- disclosure vulnerability. A local authenticated attacker can exploit this issue to gain access to sensitive information this may aid in further attacks. Versions prior to WAS 7.0.0.11 are vulnerable.

Solution

Updates are available. Please see the references for details.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PM10684
http://www-01.ibm.com/support/docview.wss?uid=swg1PM15830
http://www-306.ibm.com/software/websphere/#
https://www.securityfocus.com/bid/40699

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2326

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Mac OS X)
Apple Safari Multiple Memory Corruption Vulnerabilities-03 Aug14 (Mac OS X)
Adobe Flash Player Unspecified Cross-Site Scripting Vulnerability June-2011 (Linux)
Apache Tomcat servlet/JSP container default files
Apple Safari Secure Cookie Security Bypass Vulnerability (Mac OS X)

Take action and discover your vulnerabilities