IBM WebSphere Message Broker 6.1.x prior to 6.1.0.2 writes a database connection password to the Event Log and System Log during exception handling for a JDBC error, which allows local users to obtain sensitive information by reading these logs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere message broker 6.1 |
||
ibm websphere message broker |