IBM WebSphere Application Server Multiple Vulnerabilities Network Vulnerability

Summary

IBM WebSphere Application Server (WAS) is prone to an information- disclosure vulnerability and to a cross-site scripting vulnerability. This issue affects WAS 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15.

Solution

Vendor updates are available. Please see the references for more information.

References

http://www-01.ibm.com/software/websphere/
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27007951
http://xforce.iss.net/xforce/xfdb/58557
http://xforce.iss.net/xforce/xfdb/64554
http://xforce.iss.net/xforce/xfdb/64558
https://www.securityfocus.com/bid/45800
https://www.securityfocus.com/bid/45802

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0315, CVE-2011-0316

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Authentication bypassing in Lotus Domino
GoAhead WebServer Script Source Code Disclosure
CUPS Information Disclosure Vulnerability
HServer Webserver Multiple Directory Traversal Vulnerabilities
bozohttpd Security Bypass Vulnerability

Take action and discover your vulnerabilities