IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and 7.0 before 7.0.0.7, does not properly handle an exception occurring after use of wsadmin scripts and configuration of JAAS-J2C Authentication Data, which allows local users to obtain sensitive information by reading the First Failure Data Capture (FFDC) log file.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Websphere_application_server | Ibm | 6.1 | 6.1 |
| Websphere_application_server | Ibm | 6.1.0.1 | 6.1.0.1 |
| Websphere_application_server | Ibm | 6.1.0.2 | 6.1.0.2 |
| Websphere_application_server | Ibm | 6.1.0.3 | 6.1.0.3 |
| Websphere_application_server | Ibm | 6.1.0.5 | 6.1.0.5 |
| Websphere_application_server | Ibm | 6.1.0.7 | 6.1.0.7 |
| Websphere_application_server | Ibm | 6.1.0.9 | 6.1.0.9 |
| Websphere_application_server | Ibm | 6.1.0.11 | 6.1.0.11 |
| Websphere_application_server | Ibm | 6.1.0.13 | 6.1.0.13 |
| Websphere_application_server | Ibm | 6.1.0.15 | 6.1.0.15 |
| Websphere_application_server | Ibm | 6.1.0.17 | 6.1.0.17 |
| Websphere_application_server | Ibm | 6.1.0.19 | 6.1.0.19 |
| Websphere_application_server | Ibm | 6.1.0.21 | 6.1.0.21 |
| Websphere_application_server | Ibm | 6.1.0.23 | 6.1.0.23 |
| Websphere_application_server | Ibm | 6.1.0.25 | 6.1.0.25 |