Lucene search
MitreCVE-2011-5066HistoryJan 15, 2012 - 3:55 a.m.
CVE-2011-5066
2012-01-1503:55:13
CWE-200
mitre
web.nvd.nist.gov
30
ibm
ibm websphere application server
ibm was
6.1
sibrarecoverablesixaresource
ffdc
log file
sensitive information
security vulnerability
nvd
cve-2011-5066
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0
Percentile
5.1%
The SibRaRecoverableSiXaResource class in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 does not properly handle a Service Integration Bus (SIB) dump operation involving the First Failure Data Capture (FFDC) introspection code, which allows local users to obtain sensitive information by reading the FFDC log file.
Affected configurations
Node
ibmwebsphere_application_serverMatch6.1
ORibmwebsphere_application_serverMatch6.1.0
ORibmwebsphere_application_serverMatch6.1.0.0
ORibmwebsphere_application_serverMatch6.1.0.1
ORibmwebsphere_application_serverMatch6.1.0.2
ORibmwebsphere_application_serverMatch6.1.0.3
ORibmwebsphere_application_serverMatch6.1.0.5
ORibmwebsphere_application_serverMatch6.1.0.7
ORibmwebsphere_application_serverMatch6.1.0.9
ORibmwebsphere_application_serverMatch6.1.0.11
ORibmwebsphere_application_serverMatch6.1.0.12
ORibmwebsphere_application_serverMatch6.1.0.15
ORibmwebsphere_application_serverMatch6.1.0.17
ORibmwebsphere_application_serverMatch6.1.0.19
ORibmwebsphere_application_serverMatch6.1.0.21
ORibmwebsphere_application_serverMatch6.1.0.23
ORibmwebsphere_application_serverMatch6.1.0.25
ORibmwebsphere_application_serverMatch6.1.0.27
ORibmwebsphere_application_serverMatch6.1.0.29
ORibmwebsphere_application_serverMatch6.1.0.31
ORibmwebsphere_application_serverMatch6.1.0.33
ORibmwebsphere_application_serverMatch6.1.0.35
ORibmwebsphere_application_serverMatch6.1.0.37
ORibmwebsphere_application_serverMatch6.1.0.39
ORibmwebsphere_application_serverMatch6.1.1
ORibmwebsphere_application_serverMatch6.1.3
ORibmwebsphere_application_serverMatch6.1.5
ORibmwebsphere_application_serverMatch6.1.6
ORibmwebsphere_application_serverMatch6.1.7
ORibmwebsphere_application_serverMatch6.1.13
ORibmwebsphere_application_serverMatch6.1.14
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | 6.1 | cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0 | cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.0 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.1 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.2 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.3 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.5 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.7 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.9 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.11 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:* |
Related
prion
prion
Default configuration
2012-01-15 03:55:00
nvd
nvd
CVE-2011-5066
2012-01-15 03:55:13
cvelist
cvelist
CVE-2011-5066
2012-01-15 02:00:00
openvas
openvas
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities - (Jan2012)
2012-01-18 00:00:00
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities (Jan 2012)
2012-01-18 00:00:00
nessus
nessus
IBM WebSphere Application Server 6.1 < 6.1.0.41 Multiple Vulnerabilities
2012-01-19 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2011-5066