CVE-2009-1900 Information
Description
The Configservice APIs in the Administrative Console component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5 when tracing is enabled allow remote attackers to obtain sensitive information via unspecified use of the wsadmin scripting tool.
Reference
http://secunia.com/advisories/35301 http://www.securityfocus.com/bid/35405 http://www.vupen.com/english/advisories/2009/1464 http://www-01.ibm.com/support/docview.wss?uid=swg27006876 http://www-01.ibm.com/support/docview.wss?uid=swg27007951 http://www-01.ibm.com/support/docview.wss?uid=swg27014463 http://www-1.ibm.com/support/docview.wss?uid=swg1PK84999 https://exchange.xforce.ibmcloud.com/vulnerabilities/51171 https://exchange.xforce.ibmcloud.com/vulnerabilities/52077
Share on: