IBM WebSphere Application Server 'addNode.log' Information Disclosure Vulnerability Network Vulnerability

Summary

IBM WebSphere Application Server (WAS) is prone to an information- disclosure vulnerability. A local authenticated attacker can exploit this issue to gain access to sensitive information this may aid in further attacks. Versions prior to WAS 7.0.0.11 are vulnerable.

Solution

Updates are available. Please see the references for details.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PM10684
http://www-01.ibm.com/support/docview.wss?uid=swg1PM15830
http://www-306.ibm.com/software/websphere/#
https://www.securityfocus.com/bid/40699

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2326

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
Apple Safari 'Webkit' Multiple Vulnerabilities-01 Mar14 (Mac OS X)
Apple Remote Desktop Information Disclosure Vulnerability
Apache Tomcat Multiple Vulnerabilities-01 (Nov14)
Apache /server-status accessible

Take action and discover your vulnerabilities