2 matches found
Security Bulletin: Websphere Message Broker and IBM Integration Bus are affected by error handling vulnerability
Summary WebSphere Message Broker and IBM Integration Bus; web user interface error page returns detailed error information. Vulnerability Details CVE-ID: CVE-2014-4819 CVSS Base Score: 4 CVSS Temporal Score: See for the current score CVSS Environmental Score: Undefined CVSS Vector:...
CVE-2014-4819
This CVE (CVE-2014-4819) affects IBM WebSphere® Message Broker 8.0 prior to 8.0.0.6 and IBM Integration Bus 9.0 prior to 9.0.0.3. The root cause is that the web UI exposes information via error pages, enabling remote authenticated users to read sensitive data. IBM’s bulletin confirms the affected...