Information Disclosure in IBM Eclipse Help System for Rational Directory Server
CVE-2013-0599

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Directory Server
Vendor: CVE Published:; 28 May 2013

Summary

The IBM Eclipse Help System, utilized by IBM Rational Directory Server versions 5.1.1 to 5.1.1.2 and 5.2 to 5.2.1, is susceptible to a vulnerability that allows remote attackers to access sensitive information. By crafting specific parameter paths, an attacker can exploit the system to read the debug information tied to the 500 HTTP status code, potentially exposing confidential data.

References

http://www.securityfocus.com/bid/60107

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/83613

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21637151

x_refsource_CONFIRM

Timeline

Vulnerability published
May 28, 2013
Vulnerability Reserved
Dec 16, 2012