Design/Logic Flaw

2010-05-0313:51:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

23.1%

JSON

IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11, when the -trace option (aka debugging mode) is enabled, executes debugging statements that print string representations of unspecified objects, which allows attackers to obtain sensitive information by reading the trace output.

CPENameOperatorVersion
websphere_application_servereq6.0.2.10
websphere_application_servereq6.0.2.1
websphere_application_servereq6.0.2.5
websphere_application_servereq6.0.0.3
websphere_application_servereq6.0.1.15
websphere_application_servereq6.0.1.3
websphere_application_servereq6.0.2.20
websphere_application_servereq6.0.2.13
websphere_application_servereq6.0.2.9
websphere_application_servereq6.0.1.11

Name	Operator	Version
websphere_application_server	eq	6.0.2.10
websphere_application_server	eq	6.0.2.1
websphere_application_server	eq	6.0.2.5
websphere_application_server	eq	6.0.0.3
websphere_application_server	eq	6.0.1.15
websphere_application_server	eq	6.0.1.3
websphere_application_server	eq	6.0.2.20
websphere_application_server	eq	6.0.2.13
websphere_application_server	eq	6.0.2.9
websphere_application_server	eq	6.0.1.11