CVE-2014-4819

CWE-200 — Information Exposure3 documents3 sources

Severity

4.0MEDIUM

EPSS

0.3%

top 50.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Integration BUS IBM Websphere Message Broker

Timeline

PublishedSep 18

Latest updateMay 17

Description

The web user interface in IBM WebSphere Message Broker 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.3 allows remote authenticated users to obtain sensitive information by reading the error page.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/websphere_message_broker6 versions+5

▶NVDibm/integration_bus9.0, 9.0.0.1, 9.0.0.2+2

🔴Vulnerability Details

GHSA

GHSA-pfh5-6wgp-2frw: The web user interface in IBM WebSphere Message Broker 8↗2022-05-17

▶

CVEList

CVE-2014-4819: The web user interface in IBM WebSphere Message Broker 8↗2014-09-18

▶