Sensitive Information Disclosure in IBM WebSphere Application Server by Local Attackers
CVE-2017-1681
3.3LOW
Summary
IBM WebSphere Application Server, specifically the IBM Liberty for Java for Bluemix version 3.15, is impacted by a vulnerability that permits local attackers to gain unauthorized access to sensitive information. This issue arises from improper handling of application requests, potentially allowing attackers to read confidential files on the system. Organizations using this software must evaluate their installation and implement necessary security measures to mitigate exposure.
Affected Version(s)
Liberty for Java for Bluemix 3.15
References
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved