Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60177
HistoryJun 04, 2012 - 12:00 a.m.

IBM WebSphere Application 7.0.0.23 Snoop Servlet信息泄露漏洞

2012-06-0400:00:00
Root
www.seebug.org
101

0.003 Low

EPSS

Percentile

64.1%

JSON

Bugtraq ID: 53755
CVE ID:CVE-2012-2170

IBM WebSphere Application Server (WAS)是由IBM遵照开放标准,例如Java EE, XML 还有Web Services,开发并发行的一种应用服务器。与其兼容的Web服务器包括:Apache HTTP Server,Netscape Enterprise Server,Microsoft Internet Information Services (IIS)以及IBM HTTP Server。

WAS 6.1、7.0、8.0在启用了默认Application Snoop Servlet后,缺失访问控制,实现上存在信息泄露漏洞,通过直接的请求利用此漏洞可允许攻击者访问敏感信息。
0
IBM Websphere Application Server 8.0
IBM Websphere Application Server 7.0
IBM Websphere Application Server 6.1
厂商补丁:

IBM

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.ers.ibm.com/

Related

prion 1
cve 1
ibm 4
openvas 1
nessus 3
prion
prion
Design/Logic Flaw
2012-06-20 10:27:00
cve
cve
CVE-2012-2170
2012-06-20 10:27:00
ibm
ibm
Security Bulletin: Notice of IBM WebSphere Application Server security vulnerability fixes for Rational ClearCase and ClearQuest (CVE-2012-2170)
2018-06-17 04:40:45
Security Bulletin: Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.4
2022-09-25 19:56:02
Security Bulletin: Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.23
2022-09-25 22:31:03
openvas
openvas
IBM Websphere Application Server Multiple Vulnerabilities -07 (Jan 2016)
2016-01-19 00:00:00
nessus
nessus
IBM WebSphere Application Server 8.0 < Fix Pack 4 Multiple Vulnerabilities
2012-08-09 00:00:00
IBM WebSphere Application Server 7.0 < Fix Pack 23 Multiple Vulnerabilities
2012-06-27 00:00:00
IBM WebSphere Application Server 6.1 < Fix Pack 45 Multiple Vulnerabilities
2012-10-02 00:00:00

0.003 Low

EPSS

Percentile

64.1%

JSON
Related for SSV:60177
prion1cve1ibm4openvas1nessus3