Information Disclosure in IBM WebSphere Message Broker and Integration Bus
CVE-2015-7399

5.3MEDIUM

Key Information:

Vendor
IBM
Status
Integration Bus
Vendor
CVE Published:
11 January 2016

Summary

IBM WebSphere Message Broker and Integration Bus contain a vulnerability that allows remote attackers to gain unauthorized access to sensitive information about the HTTP server. This security flaw can be exploited via unspecified vectors, potentially exposing critical information and increasing the risk of further attacks.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IC99031
vendor-advisoryx_refsource_AIXAPAR
http://www.securitytracker.com/id/1034999
vdb-entryx_refsource_SECTRACK
http://www-01.ibm.com/support/docview.wss?uid=swg21969672
x_refsource_CONFIRM

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.