CVE-2006-4136 — Sensitive Information Exposure in IBM Websphere Application Server

CWE-200 — Sensitive Information Exposure CWE-2643 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.7%

top 28.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Application Server

Timeline

PublishedAug 14

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDibm/websphere_application_server6.1.0.0+15

Patches

Patch: secunia.com ↗Patch: www-1.ibm.com ↗Patch: www-1.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-rjwx-m7rg-3cgx: Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6↗2022-05-01

▶

CVEList

CVE-2006-4136: Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6↗2006-08-14

▶