3 matches found
Security Bulletin: Integration server HTTP listener exposes stack trace in WebSphere Message Broker and IBM Integration Bus
Summary Integration server HTTP listener exposes stack trace in WebSphere Message Broker and IBM Integration Bus Vulnerability Details CVEID: CVE-2016-2961 DESCRIPTION: IBM Integration Bus uses the Apache Tomcat server for serving HTTP requests for the HTTPInput and SOAPInput nodes. A vulnerabili...
CVE-2016-2961
The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace...
CVE-2016-2961
The CVE-2016-2961 issue affects IBM Integration Bus and WebSphere Message Broker where an unauthenticated remote attacker can send a malformed HTTP POST to the integration server HTTP listener and read the Java stack trace to identify the running Tomcat version. Affected products and versions inc...