CVE-2013-2976
IBM WebSphere Application Server <8.5.5.0 - Info Disclosure
Title source: llmDescription
The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/83965
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21644047
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM79992
Scores
EPSS
0.0035
EPSS Percentile
27.4%
Details
CWE
CWE-200
Status
published
Products (50)
ibm/websphere_application_server
8.0.0.0
ibm/websphere_application_server
8.0.0.1
ibm/websphere_application_server
8.0.0.2
ibm/websphere_application_server
8.0.0.3
ibm/websphere_application_server
8.0.0.4
ibm/websphere_application_server
8.0.0.5
ibm/websphere_application_server
8.0.0.6
ibm/websphere_application_server
6.1
ibm/websphere_application_server
6.1.0
ibm/websphere_application_server
6.1.0.0
... and 40 more
Published
Aug 21, 2013
Tracked Since
Feb 18, 2026