CVE-2014-6170
IBM Integration Bus and WebSphere Message Broker - Exposure of Sensitive Information via HTTPInput Node SOAP Fault
Title source: llmDescription
The HTTPInput node in IBM WebSphere Message Broker 7.0 before 7.0.0.8 and 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.4 allows remote attackers to obtain sensitive information by triggering a SOAP fault.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/98309
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT01929
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21690725
Scores
EPSS
0.0135
EPSS Percentile
68.2%
Details
CWE
CWE-200
Status
published
Products (18)
ibm/integration_bus
9.0
ibm/integration_bus
9.0.0.1
ibm/integration_bus
9.0.0.2
ibm/integration_bus
9.0.0.3
ibm/websphere_message_broker
7.0.
ibm/websphere_message_broker
7.0.0.1
ibm/websphere_message_broker
7.0.0.2
ibm/websphere_message_broker
7.0.0.3
ibm/websphere_message_broker
7.0.0.4
ibm/websphere_message_broker
7.0.0.5
... and 8 more
Published
Feb 02, 2015
Tracked Since
Feb 18, 2026