CVE-2009-0437 β€” Sensitive Information Exposure in IBM Websphere Application Server

CWE-200 β€” Sensitive Information Exposure8 documents4 sources
Severity
1.9LOWNVD
EPSS
0.1%
top 82.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Application Server
Timeline
PublishedFeb 10
Latest updateMay 2

Description

The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows, when WAS is registered as a Windows service, allows local users to obtain sensitive information by reading the logs/instconfigifwas6.log log file.

CVSS vector

AV:L/AC:M/C:P/I:N/A:NExploitability: 3.4 | Impact: 2.9

Affected Packages1 packages

πŸ”΄Vulnerability Details

2
GHSA
GHSA-jjqf-3g8v-g44j: The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6β†—2022-05-02
β–Ά
CVEList
CVE-2009-0437: The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6β†—2009-02-10
β–Ά

πŸ’¬Community

2
Bugzilla
CVE-2009-1312 Firefox allows Refresh header to redirect to javascript: URIs↗2009-04-17
β–Ά
Bugzilla
CVE-2009-1306 Firefox jar: scheme ignores the content-disposition: header on the inner URI↗2009-04-17
β–Ά
CVE-2009-0437 β€” Sensitive Information Exposure in IBM | cvebase