Information Exposure in IBM WebSphere Message Broker by IBM
CVE-2017-1126

5.3MEDIUM

Key Information:

Vendor
IBM
Status
Integration Bus
Vendor
CVE Published:
4 October 2017

Summary

IBM WebSphere Message Broker versions 9.0 and 10.0 may be susceptible to unauthorized access, allowing attackers to view sensitive information about software versions. This exposure could facilitate further attacks on the system, potentially compromising its integrity and security. Organizations using affected versions should assess their security posture and consider applying relevant patches to mitigate risks.

Affected Version(s)

Integration Bus 9.0

Integration Bus 10.0

References

http://www.securityfocus.com/bid/101104
vdb-entryx_refsource_BID
http://www.ibm.com/support/docview.wss?uid=swg22008470
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/121341
x_refsource_MISC

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.