CVE-2009-0437

Sažetak

The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows, when WAS is registered as a Windows service, allows local users to obtain sensitive information by reading the logs/instconfigifwas6.log log file.

Reference

http://www.securityfocus.com/bid/33849
http://www-1.ibm.com/support/docview.wss?uid=swg1PK67405
https://exchange.xforce.ibmcloud.com/vulnerabilities/48527

CVSS

Base:	1.9
Impact:	2.9
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

08-08-2017 - 01:33

Objavljeno

10-02-2009 - 22:30