SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Server/CGI)  >   IBM WebSphere Vendors:   IBM
IBM WebSphere Application Server Access Control Flaw Lets Remote Users Obtain Information About the Target Proxy Server
SecurityTracker Alert ID:  1033325
SecurityTracker URL:  http://securitytracker.com/id/1033325
CVE Reference:   CVE-2015-1932   (Links to External Site)
Date:  Aug 19 2015
Impact:   Disclosure of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7, 8, 8.5
Description:   A vulnerability was reported in IBM WebSphere Application Server. A remote user can obtain information about the target proxy server software.

A remote user can obtain information to determine the identity of the proxy server software being used.

Impact:   A remote user can obtain information about the target proxy server software.
Solution:   The vendor has issued a fix (APAR PI38403).

The vendor's advisory is available at:

http://www-01.ibm.com/support/docview.wss?uid=swg21963275

Vendor URL:  www-01.ibm.com/support/docview.wss?uid=swg21963275 (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (AIX), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any), z/OS

Message History:   This archive entry has one or more follow-up message(s) listed below.
Dec 24 2015 (IBM Issues Fix for IBM Tivoli Monitoring) IBM WebSphere Application Server Access Control Flaw Lets Remote Users Obtain Information About the Target Proxy Server
IBM has issued a fix for IBM Tivoli Monitoring.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC