Information Disclosure in IBM WebSphere Partner Gateway
CVE-2009-0897

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Partner Gateway
Vendor: CVE Published:; 21 May 2009

What is CVE-2009-0897?

IBM WebSphere Partner Gateway versions 6.1.0 and 6.1.1 prior to their respective patch updates are susceptible to an information disclosure vulnerability. This flaw permits remote authenticated users to access sensitive data through certain vectors related to the schema DB2 instance id and the archiver script. Proper attention and prompt updates are necessary to mitigate these risks.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21366016

vendor-advisoryx_refsource_AIXAPAR

http://www.securityfocus.com/bid/35136

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/50643

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 21, 2009
Vulnerability Reserved
Mar 14, 2009