Vulnerability Details CVE-2006-4137
IBM WebSphere Application Server before 6.1.0.1 allows attackers to obtain sensitive information via unspecified vectors related to (1) the log file, (2) "script generated syntax on wsadmin command line," and (3) traces.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/21440
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK27547&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK27857&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK28408&apar=only
- http://www.securityfocus.com/bid/19463
- http://www.vupen.com/english/advisories/2006/3262
- http://secunia.com/advisories/21440
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK27547&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK27857&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK28408&apar=only
- http://www.securityfocus.com/bid/19463
- http://www.vupen.com/english/advisories/2006/3262
Products affected by CVE-2006-4137
-
cpe:2.3:a:ibm:websphere_application_server:6.0
-
cpe:2.3:a:ibm:websphere_application_server:6.0.0.1
-
cpe:2.3:a:ibm:websphere_application_server:6.0.0.2
-
cpe:2.3:a:ibm:websphere_application_server:6.0.0.3
-
cpe:2.3:a:ibm:websphere_application_server:6.0.1
-
cpe:2.3:a:ibm:websphere_application_server:6.0.1.2
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2.1
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2.2
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2.3
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2.4
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2.5
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2.6
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2.7
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2.9
-
cpe:2.3:a:ibm:websphere_application_server:6.1.0.0