Summary
IBM WebSphere Application Server (WAS) is prone to an information- disclosure vulnerability.
Exploiting this issue may allow an attacker to access sensitive information that may aid in further attacks.
This issue affects WAS 6.0, 6.1, and 7.0.
Solution
For IBM WebSphere Application Server 7.0:
Apply the latest Fix Pack (7.0.0.11 or later). See References.
For IBM WebSphere Application Server 6.1:
Apply the latest Fix Pack (6.1.0.31 or later). See References.
For IBM WebSphere Application Server 6.0:
Apply the latest Fix Pack (6.0.2.43 or later). See References.
References
Severity
Classification
-
CVE CVE-2010-0774, CVE-2010-0775, CVE-2010-0776, CVE-2010-0777 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability
- Apache Archiva Cross Site Request Forgery Vulnerability
- Apache Archiva Home Page Cross-Site Scripting vulnerability