Websphere Application Server CVE-2006-2436 Remote Security Vulnerability

Websphere Application Server CVE-2006-2436 Remote Security Vulnerability

Websphere Application Server is prone to a remote security vulnerability. WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows attackers to gain privileges.