PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 prior to 7.0.0.1 allows malicious users to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2009-0434.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server |