CVE-2014-4819

IBM WebSphere Message Broker <8.0.0.6 & IBM Integration Bus <9.0.0....

Title source: llm
STIX 2.1

Description

The web user interface in IBM WebSphere Message Broker 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.3 allows remote authenticated users to obtain sensitive information by reading the error page.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95456
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21682681
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/61356
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT03097

Scores

EPSS 0.0109
EPSS Percentile 61.5%

Details

CWE
CWE-200
Status published
Products (9)
ibm/integration_bus 9.0
ibm/integration_bus 9.0.0.1
ibm/integration_bus 9.0.0.2
ibm/websphere_message_broker 8.0
ibm/websphere_message_broker 8.0.0.1
ibm/websphere_message_broker 8.0.0.2
ibm/websphere_message_broker 8.0.0.3
ibm/websphere_message_broker 8.0.0.4
ibm/websphere_message_broker 8.0.0.5
Published Sep 18, 2014
Tracked Since Feb 18, 2026