CVE-2010-0769 Information

Description

IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41 6.1 before 6.1.0.31 and 7.0 before 7.0.0.9 does not properly define wsadmin scripting J2CConnectionFactory objects which allows local users to discover a KeyRingPassword password by reading a cleartext field in the resources.xml file.

Reference

http://secunia.com/advisories/39140 http://www-01.ibm.com/support/docview.wss?uid=swg1PK95089 https://exchange.xforce.ibmcloud.com/vulnerabilities/57185