CVE-2006-4136
IBM WebSphere Application Server < 6.1.0.1 - Exposure of Sensitive Information via SOAP Requests and MBean
Title source: llmDescription
Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others.
References (7)
Core 7
Core References
Patch vendor-advisory
x_refsource_aixapar
http://www-1.ibm.com/support/search.wss?rs=0&q=PK25199&apar=only
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3262
Patch vendor-advisory
x_refsource_aixapar
http://www-1.ibm.com/support/search.wss?rs=0&q=PK24334&apar=only
Patch x_refsource_confirm
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/19463
Patch vendor-advisory
x_refsource_aixapar
http://www-1.ibm.com/support/search.wss?rs=0&q=PK26498&apar=only
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21440
Scores
EPSS
0.0148
EPSS Percentile
70.9%
Details
CWE
CWE-200
CWE-264
Status
published
Products (16)
ibm/websphere_application_server
6.0
ibm/websphere_application_server
6.0.0.1
ibm/websphere_application_server
6.0.0.2
ibm/websphere_application_server
6.0.0.3
ibm/websphere_application_server
6.0.1
ibm/websphere_application_server
6.0.1.2
ibm/websphere_application_server
6.0.2
ibm/websphere_application_server
6.0.2.1
ibm/websphere_application_server
6.0.2.2
ibm/websphere_application_server
6.0.2.3
... and 6 more
Published
Aug 14, 2006
Tracked Since
Feb 18, 2026