CVE-2008-0740

Properties

Published:
11.02.2008
Updated:
13.02.2008
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:L/AC:L/Au:N/C:P/I:N/A:N)
    Product:
    IBM: WebSphere Application Server

    Vulnerability description

    IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) writes unspecified cleartext information to http_plugin.log, which might allow local users to obtain sensitive information by reading this file.

    References:

    http://www-1.ibm.com/support/docview.wss?uid=swg27006876: http://www-1.ibm.com/support/docview.wss?uid=swg27006876
    FRSIRT: http://www.frsirt.com/english/advisories/2008/0241