Vigil@nce - WebSphere AS: information disclosure via Server Identification
November 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can bypass access restrictions to data via Server
Identification of WebSphere AS, in order to obtain sensitive
information.
Impacted products: Tivoli System Automation, WebSphere AS, IBM
WebSphere ESB.
Severity: 2/4.
Creation date: 16/09/2016.
DESCRIPTION OF THE VULNERABILITY
An attacker can bypass access restrictions to data via Server
Identification of WebSphere AS, in order to obtain sensitive
information.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN