IBM969AE583ADF743E665FC0A7EDE9ACC7F870F5CFE3256BE1068064EDD037B6923Security Bulletin: The WebAdmin context for WebSphere Message Broker Version 8 allows directory listings (CVE-2016-6080)
0.001 Low
EPSS
Percentile
29.3%
Summary
The WebAdmin context for WebSphere Message Broker Version 8 allows directory listings.
Vulnerability Details
CVEID: CVE-2016-6080**
DESCRIPTION:** The WebAdmin context for WebSphere Message Broker allows directory listings, which could disclose sensitive information to the attacker.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/117560 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
WebSphere Message Broker V8
Remediation/Fixes
Product
| VRMF|APAR|Remediation/Fix
—|—|—|—
WebSphere Message Broker | V8| IT16698| The APAR is available in Fix Pack 8.0.0.8
<https://www-304.ibm.com/support/docview.wss?uid=swg24042925>
For unsupported versions of the product, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
The planned maintenance release dates for WebSphere Message Broker and IBM Integration Bus are available at :
http://www.ibm.com/support/docview.wss?uid=swg27006308
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| websphere message broker | eq | 8.0 |
Related
0.001 Low
EPSS
Percentile
29.3%