Lucene search
IBM6A5FBF895E64A9F4A8EDDD72CB65AF2133FF8360CBE8031BB6476221CD388370HistoryMar 23, 2020 - 8:41 p.m.
Security Bulletin: Websphere Message Broker and IBM Integration Bus are affected by error handling vulnerability
2020-03-2320:41:52
www.ibm.com
5
0.001 Low
EPSS
Percentile
49.7%
Summary
WebSphere Message Broker and IBM Integration Bus; web user interface error page returns detailed error information.
Vulnerability Details
**CVE-ID:*CVE-2014-4819
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/95456> for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N)
Affected Products and Versions
WebSphere Message Broker V8.0
IBM Integration Bus V9.0
Remediation/Fixes
Apply APAR IT03097
For IBM Integration Bus V9.0, the APAR is targeted to be available in fix pack 9.0.0.3
For WebSphere Message Broker V8.0, the APAR is targeted to be available in fix pack 8.0.0.6
Prior to fix pack availability the APAR can be obtained on request from IBM Support.
Workarounds and Mitigations
None known
| CPE | Name | Operator | Version |
|---|---|---|---|
| websphere message broker | eq | 8.0 | |
| ibm integration bus | eq | 9.0 |
Related
cve
cve
CVE-2014-4819
2014-09-18 10:55:11
prion
prion
Information disclosure
2014-09-18 10:55:00
cvelist
cvelist
CVE-2014-4819
2014-09-18 10:00:00
nvd
nvd
CVE-2014-4819
2014-09-18 10:55:11
0.001 Low
EPSS
Percentile
49.7%
Related for 6A5FBF895E64A9F4A8EDDD72CB65AF2133FF8360CBE8031BB6476221CD388370