Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-5066

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2011-5066
Last Modified 08 Feb 2012 12:00:00
Published 14 Jan 2012 10:55:13
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-5066

Summary

The SibRaRecoverableSiXaResource class in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 does not properly handle a Service Integration Bus (SIB) dump operation involving the First Failure Data Capture (FFDC) introspection code, which allows local users to obtain sensitive information by reading the FFDC log file.

Vulnerable Systems

Application

  • Ibm Websphere Application Server 6.1

  • Ibm Websphere Application Server 6.1.0

  • Ibm Websphere Application Server 6.1.0.0

  • Ibm Websphere Application Server 6.1.0.1

  • Ibm Websphere Application Server 6.1.0.11

  • Ibm Websphere Application Server 6.1.0.12

  • Ibm Websphere Application Server 6.1.0.15

  • Ibm Websphere Application Server 6.1.0.17

  • Ibm Websphere Application Server 6.1.0.19

  • Ibm Websphere Application Server 6.1.0.2

  • Ibm Websphere Application Server 6.1.0.21

  • Ibm Websphere Application Server 6.1.0.23

  • Ibm Websphere Application Server 6.1.0.25

  • Ibm Websphere Application Server 6.1.0.27

  • Ibm Websphere Application Server 6.1.0.29

  • Ibm Websphere Application Server 6.1.0.3

  • Ibm Websphere Application Server 6.1.0.31

  • Ibm Websphere Application Server 6.1.0.33

  • Ibm Websphere Application Server 6.1.0.35

  • Ibm Websphere Application Server 6.1.0.37

  • Ibm Websphere Application Server 6.1.0.39

  • Ibm Websphere Application Server 6.1.0.5

  • Ibm Websphere Application Server 6.1.0.7

  • Ibm Websphere Application Server 6.1.0.9

  • Ibm Websphere Application Server 6.1.1

  • Ibm Websphere Application Server 6.1.13

  • Ibm Websphere Application Server 6.1.14

  • Ibm Websphere Application Server 6.1.3

  • Ibm Websphere Application Server 6.1.5

  • Ibm Websphere Application Server 6.1.6

  • Ibm Websphere Application Server 6.1.7


References

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg27007951

AIXAPAR - PM36685


Last Updated: 27 May 2016 10:57:20