IBM WebSphere Application Server (WAS) Multiple Vulnerabilities - (Jan2012)

Summary
The host is running IBM WebSphere Application Server and is prone to multiple vulnerabilities.
Impact
Successful exploitation allows attackers to conduct cross-site scripting attacks or to obtain sensitive information and cause a denial of service.
Impact Level: Application
Solution
Upgrade to version 6.1.0.41 or later. For updates, refer to http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg24031034
Insight
The flaws are due to:
- An unspecified error in a WS-Security policy enabled Java API for XML Web Services (JAX-WS) application.
- Certain unspecified input passed to the web messaging component is not properly sanitised before being returned to the user.
- The SibRaRecoverableSiXaResource class in the Default Messaging Component does not properly handle a Service Integration Bus (SIB) dump operation involving the First Failure Data Capture (FFDC) introspection code.
Affected
IBM WebSphere Application Server (WAS) version 6.1 before 6.1.0.41
References