PT-2015-3826 · Ibm · Ibm Websphere Message Broker+1

Publicado

2015-02-02

Atualizado

2017-09-08

CVE-2014-6170

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM WebSphere Message Broker versions 7.0 through 7.0.0.7 IBM WebSphere Message Broker version 8.0 through 8.0.0.5 IBM Integration Bus versions 9.0 through 9.0.0.3

Description The issue allows remote attackers to obtain sensitive information by triggering a SOAP fault, specifically affecting the HTTPInput node.

Recommendations For IBM WebSphere Message Broker versions 7.0 through 7.0.0.7, update to version 7.0.0.8 or later. For IBM WebSphere Message Broker version 8.0 through 8.0.0.5, update to version 8.0.0.6 or later. For IBM Integration Bus versions 9.0 through 9.0.0.3, update to version 9.0.0.4 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2014-6170

Produtos afetados

Ibm Integration Bus

Ibm Websphere Message Broker

PT-2015-3826 · Ibm · Ibm Websphere Message Broker+1

CVE-2014-6170

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4