The integration server in IBM Integration Bus 9 prior to 9.0.0.6 and 10 prior to 10.0.0.5 and WebSphere Message Broker 8 prior to 8.0.0.8 allows remote malicious users to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm integration bus 10.0.0.4 |
||
ibm integration bus 10.0.0.2 |
||
ibm integration bus 10.0 |
||
ibm integration bus 9.0.0.1 |
||
ibm integration bus 9.0.0.5 |
||
ibm integration bus 9.0.0.4 |
||
ibm integration bus 9.0.0.3 |
||
ibm integration bus 9.0.0.2 |
||
ibm integration bus 10.0.0.3 |
||
ibm integration bus 10.0.0.1 |
||
ibm integration bus 9.0 |
||
ibm websphere message broker 8.0.0.1 |
||
ibm websphere message broker 8.0.0.6 |
||
ibm websphere message broker 8.0.0.5 |
||
ibm websphere message broker 8.0.0.4 |
||
ibm websphere message broker 8.0.0.3 |
||
ibm websphere message broker 8.0.0.7 |
||
ibm websphere message broker 8.0.0.2 |
||
ibm websphere message broker 8.0 |