IBM WebSphere Application Server 'IsSecurityEnabled' Flag Information Disclosure Vulnerability

IBM WebSphere Application Server (WAS) is prone to an information-disclosure vulnerability because it fails to properly set a configuration flag.

Exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks.

Versions prior to WAS 6.1.0.25 and 7.0.0.5 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus