WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows malicious users to gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server 5.0.0 |
||
ibm websphere application server 5.0.1 |
||
ibm websphere application server 5.0.2 |