CVE-2011-1310
IBM WebSphere Application Server 6.1.0.x-6.1.0.34 and 7.x-7.0.0.14 - Sensitive Information Exposure
Title source: llmDescription
The Administrative Scripting Tools component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when tracing is enabled, places wsadmin command parameters into the (1) wsadmin.traceout and (2) trace.log files, which allows local users to obtain potentially sensitive information by reading these files.
References (2)
Core 2
Core References
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM18736
Various Sources x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg27014463
Scores
EPSS
0.0027
EPSS Percentile
18.7%
Details
CWE
CWE-200
Status
published
Products (32)
ibm/websphere_application_server
6.1.0
ibm/websphere_application_server
6.1.0.0
ibm/websphere_application_server
6.1.0.1
ibm/websphere_application_server
6.1.0.2
ibm/websphere_application_server
6.1.0.3
ibm/websphere_application_server
6.1.0.5
ibm/websphere_application_server
6.1.0.7
ibm/websphere_application_server
6.1.0.9
ibm/websphere_application_server
6.1.0.11
ibm/websphere_application_server
6.1.0.12
... and 22 more
Published
Mar 08, 2011
Tracked Since
Feb 18, 2026