CVE-2015-1932
IBM Websphere Virtual Enterprise < 7.0.0.6 - Information Disclosure
Title source: ruleDescription
IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.7 and WebSphere Virtual Enterprise before 7.0.0.7 allow remote attackers to obtain potentially sensitive information about the proxy-server software by reading the HTTP Via header.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21963275
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033325
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/76466
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PI38403
Scores
EPSS
0.0211
EPSS Percentile
79.5%
Details
CWE
CWE-200
Status
published
Products (50)
ibm/websphere_application_server
7.0.0.1
ibm/websphere_application_server
7.0.0.2
ibm/websphere_application_server
7.0.0.3
ibm/websphere_application_server
7.0.0.4
ibm/websphere_application_server
7.0.0.5
ibm/websphere_application_server
7.0.0.6
ibm/websphere_application_server
7.0.0.7
ibm/websphere_application_server
7.0.0.8
ibm/websphere_application_server
7.0.0.9
ibm/websphere_application_server
7.0.0.10
... and 40 more
Published
Aug 22, 2015
Tracked Since
Feb 18, 2026