CVE-2017-1381Sensitive Information Exposure in IBM Websphere Application Server

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
3.3LOWNVD
EPSS
0.1%
top 82.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Application Server
Timeline
PublishedJul 21
Latest updateMay 14

Description

IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served. IBM X-Force ID: 127152.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDibm/websphere_application_server7.0.0.07.0.0.43+3
CVEListV5ibm/websphere_application_server4 versions+3

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-2m3c-g95m-4qp9: IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 72022-05-14
CVEList
CVE-2017-1381: IBM WebSphere Application Server Proxy Server or On-demand-router (ODR) 72017-07-21
CVE-2017-1381 — Sensitive Information Exposure in IBM | cvebase