Information Disclosure Vulnerability in IBM WebSphere Application Server and Virtual Enterprise
CVE-2015-1932
Currently unrated
Summary
IBM WebSphere Application Server and WebSphere Virtual Enterprise are susceptible to a vulnerability that allows remote attackers to retrieve potentially sensitive information. This is achieved by exploiting the HTTP Via header, which may reveal details about the proxy-server software configured in the application. Users of affected versions are strongly urged to update to the latest releases to mitigate the risk of exposing critical information to malicious actors.
References
Timeline
Vulnerability published
Vulnerability Reserved