CVE-2011-0316 Information

Feb 14, 2021 cve

Description

The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets which allows remote attackers to obtain potentially sensitive status information via a direct request.

Reference

http://secunia.com/advisories/42938 http://www.securityfocus.com/bid/46736 http://www.vupen.com/english/advisories/2011/0564 http://www-01.ibm.com/support/docview.wss?uid=swg1PM24372 http://www-01.ibm.com/support/docview.wss?uid=swg27007951 http://www-01.ibm.com/support/docview.wss?uid=swg27014463 https://exchange.xforce.ibmcloud.com/vulnerabilities/64558

Share on: