IBM WebSphere Portal 6.1.0 up to and including 6.1.0.6 CF27, 6.1.5 up to and including 6.1.5.3 CF27, 7.0 up to and including 7.0.0.2 CF28, 8.0 up to and including 8.0.0.1 CF14, and 8.5.0 before CF03 provides different web-server error codes depending on whether a requested file exists, which allows remote malicious users to determine the validity of filenames via a series of requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere portal 6.1.0.5 |
||
ibm websphere portal 6.1.0.6 |
||
ibm websphere portal 8.0.0.0 |
||
ibm websphere portal 8.0.0.1 |
||
ibm websphere portal 6.1.0.3 |
||
ibm websphere portal 6.1.0.4 |
||
ibm websphere portal 7.0.0.1 |
||
ibm websphere portal 7.0.0.2 |
||
ibm websphere portal 6.1.0.0 |
||
ibm websphere portal 6.1.5.0 |
||
ibm websphere portal 6.1.5.1 |
||
ibm websphere portal 6.1.5.2 |
||
ibm websphere portal 8.5.0.0 |
||
ibm websphere portal 6.1.0.1 |
||
ibm websphere portal 6.1.0.2 |
||
ibm websphere portal 6.1.5.3 |
||
ibm websphere portal 7.0.0.0 |