Summary
The IBM WebSphere Application Server is prone to an unspecified remote information-disclosure vulnerability because of improper handling of SOAP responses.
Impact
Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
Solution
Updates are available.
Affected
The following versions are vulnerable:
IBM WebSphere Application Server 8.5.0.0 through 8.5.5.1 IBM WebSphere Application Server 8.0.0.0 through 8.0.0.8 IBM WebSphere Application Server 7.0.0.0 through 7.0.0.31
Detection
Check the version
References
Severity
Classification
-
CVE CVE-2014-0965, CVE-2014-3022 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N
Related Vulnerabilities