Summary
The IBM WebSphere Application Server is prone to an unspecified remote information-disclosure vulnerability because of improper handling of SOAP responses.
Impact
Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
Solution
Updates are available.
Affected
The following versions are vulnerable:
IBM WebSphere Application Server 8.5.0.0 through 8.5.5.1 IBM WebSphere Application Server 8.0.0.0 through 8.0.0.8 IBM WebSphere Application Server 7.0.0.0 through 7.0.0.31
Detection
Check the version
References
Severity
Classification
-
CVE CVE-2014-0965, CVE-2014-3022 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Struts Cross Site Scripting Vulnerability
- Apache Continuum Cross Site Scripting Vulnerability
- Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities