CVE-2014-4761

IBM WebSphere Portal - Info Disclosure

Title source: llm
STIX 2.1

Description

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code.

References (4)

Core 4
Core References
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PI22104
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/61126
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/94658

Scores

EPSS 0.0164
EPSS Percentile 73.5%

Details

CWE
CWE-200
Status published
Products (14)
ibm/websphere_portal 6.1.0.0
ibm/websphere_portal 6.1.0.1
ibm/websphere_portal 6.1.0.2
ibm/websphere_portal 6.1.0.3
ibm/websphere_portal 6.1.0.4
ibm/websphere_portal 6.1.0.5
ibm/websphere_portal 6.1.0.6 (12 CPE variants)
ibm/websphere_portal 6.1.5.0
ibm/websphere_portal 6.1.5.1
ibm/websphere_portal 6.1.5.2
... and 4 more
Published Oct 10, 2014
Tracked Since Feb 18, 2026