Security Profile Misconfiguration in IBM Integration Bus and WebSphere Message Broker
CVE-2015-2018

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Message Broker; Integration Bus
Vendor: CVE Published:; 23 August 2015

What is CVE-2015-2018?

IBM Integration Bus and WebSphere Message Broker contain a vulnerability that allows remote authenticated users to access sensitive information due to improper selection of the correct security profile. This misconfiguration can potentially lead to unauthorized disclosure of sensitive data through unspecified vectors. Organizations using these products should apply the appropriate updates and patches to mitigate the associated risks.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21961734

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IT07773

vendor-advisoryx_refsource_AIXAPAR

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 23, 2015
Vulnerability Reserved
Feb 19, 2015