| Vulnerability Name: | CVE-2014-4819 (CCN-95456) | ||||||||
| Assigned: | 2014-09-10 | ||||||||
| Published: | 2014-09-10 | ||||||||
| Updated: | 2017-08-29 | ||||||||
| Summary: | The web user interface in IBM WebSphere Message Broker 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.3 allows remote authenticated users to obtain sensitive information by reading the error page. | ||||||||
| CVSS v3 Severity: | 3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N) 3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-200 | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2014-4819 Source: SECUNIA Type: UNKNOWN 61356 Source: AIXAPAR Type: UNKNOWN IT03097 Source: CCN Type: IBM Security Bulletin 168268 Websphere Message Broker and IBM Integration Bus are affected by error handling vulnerability Source: CONFIRM Type: Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21682681 Source: CCN Type: BID-69875 IBM Websphere Message Broker and Integration Bus CVE-2014-4819 Information Disclosure Vulnerability Source: XF Type: UNKNOWN ibm-websphere-cve20144819-info-disc(95456) Source: XF Type: UNKNOWN ibm-websphere-cve20144819-info-disc(95456) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||