CVE-2013-2976

IBM WebSphere Application Server <8.5.5.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/83965
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21644047
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM79992

Scores

EPSS 0.0035
EPSS Percentile 27.4%

Details

CWE
CWE-200
Status published
Products (50)
ibm/websphere_application_server 8.0.0.0
ibm/websphere_application_server 8.0.0.1
ibm/websphere_application_server 8.0.0.2
ibm/websphere_application_server 8.0.0.3
ibm/websphere_application_server 8.0.0.4
ibm/websphere_application_server 8.0.0.5
ibm/websphere_application_server 8.0.0.6
ibm/websphere_application_server 6.1
ibm/websphere_application_server 6.1.0
ibm/websphere_application_server 6.1.0.0
... and 40 more
Published Aug 21, 2013
Tracked Since Feb 18, 2026