Information Disclosure Vulnerability in IBM WebSphere Application Server and Virtual Enterprise
CVE-2015-1932

Currently unrated

Key Information:

Vendor
IBM
Vendor
CVE Published:
22 August 2015

Summary

IBM WebSphere Application Server and WebSphere Virtual Enterprise are susceptible to a vulnerability that allows remote attackers to retrieve potentially sensitive information. This is achieved by exploiting the HTTP Via header, which may reveal details about the proxy-server software configured in the application. Users of affected versions are strongly urged to update to the latest releases to mitigate the risk of exposing critical information to malicious actors.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.