Information Disclosure Vulnerability in IBM WebSphere Message Broker and Integration Bus
CVE-2014-4819

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Message Broker
Vendor: CVE Published:; 18 September 2014

Summary

The web user interface of IBM WebSphere Message Broker 8.0 (prior to version 8.0.0.6) and IBM Integration Bus 9.0 (before version 9.0.0.3) contains a flaw that allows authenticated remote users to access sensitive data by exploiting error pages. This could enable an attacker to gather sensitive information that could aid in further attacks, thereby compromising the security posture of affected systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95456

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21682681

x_refsource_CONFIRM

http://secunia.com/advisories/61356

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Sep 18, 2014
Vulnerability Reserved
Jul 9, 2014