CVE-2014-0891

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server versions 7.0.x through 7.0.0.32 IBM WebSphere Application Server versions 8.0.x through 8.0.0.8 IBM WebSphere Application Server versions 8.5.x through 8.5.5.1

Description The issue allows remote attackers to obtain sensitive information by leveraging incorrect request handling by the (1) Proxy or (2) ODR server in IBM WebSphere Application Server. This vulnerability is related to incorrect request handling, which enables an attacker to access confidential information.

Recommendations For IBM WebSphere Application Server versions 7.0.x through 7.0.0.32, update to version 7.0.0.33 or later. For IBM WebSphere Application Server versions 8.0.x through 8.0.0.8, update to version 8.0.0.9 or later. For IBM WebSphere Application Server versions 8.5.x through 8.5.5.1, update to version 8.5.5.2 or later.