CVE-2009-0437 Information

Description

The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows when WAS is registered as a Windows service allows local users to obtain sensitive information by reading the logs/instconfigifwas6.log log file.

Reference

http://www.securityfocus.com/bid/33849 http://www-1.ibm.com/support/docview.wss?uid=swg1PK67405 https://exchange.xforce.ibmcloud.com/vulnerabilities/48527