CVE Vulnerabilities

CVE-2009-2743

Published: Sep 21, 2009 | Modified: Aug 17, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and 7.0 before 7.0.0.7, does not properly handle an exception occurring after use of wsadmin scripts and configuration of JAAS-J2C Authentication Data, which allows local users to obtain sensitive information by reading the First Failure Data Capture (FFDC) log file.

Affected Software

Name Vendor Start Version End Version
Websphere_application_server Ibm 6.1 6.1
Websphere_application_server Ibm 6.1.0.1 6.1.0.1
Websphere_application_server Ibm 6.1.0.2 6.1.0.2
Websphere_application_server Ibm 6.1.0.3 6.1.0.3
Websphere_application_server Ibm 6.1.0.5 6.1.0.5
Websphere_application_server Ibm 6.1.0.7 6.1.0.7
Websphere_application_server Ibm 6.1.0.9 6.1.0.9
Websphere_application_server Ibm 6.1.0.11 6.1.0.11
Websphere_application_server Ibm 6.1.0.13 6.1.0.13
Websphere_application_server Ibm 6.1.0.15 6.1.0.15
Websphere_application_server Ibm 6.1.0.17 6.1.0.17
Websphere_application_server Ibm 6.1.0.19 6.1.0.19
Websphere_application_server Ibm 6.1.0.21 6.1.0.21
Websphere_application_server Ibm 6.1.0.23 6.1.0.23
Websphere_application_server Ibm 6.1.0.25 6.1.0.25

References