Information disclosure

2009-02-1022:30:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.2%

JSON

The installation process for the File Transfer servlet in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.19 does not enable the secure version, which allows remote attackers to obtain sensitive information via unspecified vectors.

CPENameOperatorVersion
websphere_application_servereq6.1.0.2
websphere_application_servereq6.1.0.11
websphere_application_servereq6.1.0.9
websphere_application_servereq6.1.0.1
websphere_application_servereq6.1.0.7
websphere_application_servereq6.1.0.3
websphere_application_servereq6.1.0.17
websphere_application_servereq6.1.0.13
websphere_application_servereq6.1.0.15
websphere_application_servereq6.1.0.5

Name	Operator	Version
websphere_application_server	eq	6.1.0.2
websphere_application_server	eq	6.1.0.11
websphere_application_server	eq	6.1.0.9
websphere_application_server	eq	6.1.0.1
websphere_application_server	eq	6.1.0.7
websphere_application_server	eq	6.1.0.3
websphere_application_server	eq	6.1.0.17
websphere_application_server	eq	6.1.0.13
websphere_application_server	eq	6.1.0.15
websphere_application_server	eq	6.1.0.5