CVE-2013-6330

IBM WebSphere Application Server 7.x < 7.0.0.31 - Authenticated Sensitive Information Exposure via Static File Caching

Title source: llm
STIX 2.1

Description

IBM WebSphere Application Server 7.x before 7.0.0.31, when simpleFileServlet static file caching is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21661323
Vendor Advisory vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM98624
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/88905

Scores

EPSS 0.0146
EPSS Percentile 70.4%

Details

CWE
CWE-200
Status published
Products (22)
ibm/websphere_application_server 7.0
ibm/websphere_application_server 7.0.0.1
ibm/websphere_application_server 7.0.0.2
ibm/websphere_application_server 7.0.0.3
ibm/websphere_application_server 7.0.0.10
ibm/websphere_application_server 7.0.0.11
ibm/websphere_application_server 7.0.0.12
ibm/websphere_application_server 7.0.0.13
ibm/websphere_application_server 7.0.0.14
ibm/websphere_application_server 7.0.0.15
... and 12 more
Published Jan 16, 2014
Tracked Since Feb 18, 2026