IBM Sterling External Authentication Server could allow a remote attacker to obtain sensitive information. During error conditions, IBM Sterling External Authentication Server may allow a malicious internal user to obtain product information which could be used to design further attacks.