CVE-2014-6177 Information

Description

IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 and 7.5.x before 7.5.0.3 does not perform access-control checks for depth-0 retrieve operations which allows remote authenticated users to obtain sensitive information via unspecified vectors.

Reference

http://www.ibm.com/support/docview.wss?uid=swg21693381 http://www.ibm.com/support/docview.wss?uid=swg21693384 http://www-01.ibm.com/support/docview.wss?uid=swg1IV24386 https://exchange.xforce.ibmcloud.com/vulnerabilities/98492