CVE-2012-2170 Information

Description

The Application Snoop Servlet in IBM WebSphere Application Server 7.0 before 7.0.0.23 does not properly restrict access which allows remote attackers to obtain sensitive client and request information via a direct request.

Reference

http://www.ibm.com/support/docview.wss?uid=swg1PM56183 http://www.ibm.com/support/docview.wss?uid=swg21595172 https://exchange.xforce.ibmcloud.com/vulnerabilities/75234