IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and 7.0 before 7.0.0.7, does not properly handle an exception occurring after use of wsadmin scripts and configuration of JAAS-J2C Authentication Data, which allows local users to obtain sensitive information by reading the First Failure Data Capture (FFDC) log file.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2009-09-21 12:30
Updated : 2017-08-16 18:30
NVD link : CVE-2009-2743
Mitre link : CVE-2009-2743
JSON object : View
CWE
Products Affected
ibm
- websphere_application_server