PT-2013-2453 · IBM · IBM Eclipse Help System

Published: 2013-05-28

Updated: 2017-08-29

CVE-2013-0599

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

IBM Eclipse Help System (IEHS) versions 5.1.1 through 5.1.1.2
IBM Eclipse Help System (IEHS) versions 5.2 through 5.2.1

Description

The issue allows remote attackers to obtain sensitive information by providing a crafted parameter path and then reading the debug information associated with the 500 HTTP status code.

Recommendations

For versions 5.1.1 through 5.1.1.2, consider restricting access to debug information to minimize the risk of exploitation.
For versions 5.2 through 5.2.1, avoid using crafted parameter paths in API endpoints until the issue is resolved.
As a temporary workaround, consider disabling debug information for the 500 HTTP status code until a patch is available.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2013-0599

Affected Products

IBM Eclipse Help System