PT-2016-3756 · Ibm · Ibm Websphere Message Broker+1
Published
2016-01-11
·
Updated
2016-12-06
·
CVE-2015-7399
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM WebSphere Message Broker versions 7.0.0 through 7.0.0.7
IBM WebSphere Message Broker version 8.0.0 through 8.0.0.5
IBM Integration Bus versions 9.0.0.0 through 9.0.0.2
IBM Integration Bus version 10.0.0.0
Description
The issue allows remote attackers to obtain sensitive information about the HTTP server via unspecified vectors.
Recommendations
For IBM WebSphere Message Broker versions 7.0.0 through 7.0.0.7, update to version 7.0.0.8 or later.
For IBM WebSphere Message Broker version 8.0.0 through 8.0.0.5, update to version 8.0.0.6 or later.
For IBM Integration Bus versions 9.0.0.0 through 9.0.0.2, update to version 9.0.0.3 or later.
For IBM Integration Bus version 10.0.0.0, update to a version later than 10.0.0.0.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Integration Bus
Ibm Websphere Message Broker