IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response.
References
Link | Resource |
---|---|
http://www.ibm.com/support/docview.wss?uid=swg21981549 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/90527 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-02-08 14:59
Updated : 2017-02-15 05:13
NVD link : CVE-2016-0210
Mitre link : CVE-2016-0210
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
ibm
- sterling_b2b_integrator