Vulnerability Details CVE-2009-0437
The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows, when WAS is registered as a Windows service, allows local users to obtain sensitive information by reading the logs/instconfigifwas6.log log file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.2%
CVSS Severity
CVSS v2 Score 1.9
References
- http://www-1.ibm.com/support/docview.wss?uid=swg1PK67405
- http://www.securityfocus.com/bid/33849
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48527
- http://www-1.ibm.com/support/docview.wss?uid=swg1PK67405
- http://www.securityfocus.com/bid/33849
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48527
Products affected by CVE-2009-0437
-
cpe:2.3:a:ibm:websphere_application_server:6.0.2
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows:1.0
-
cpe:2.3:o:microsoft:windows:2.0
-
cpe:2.3:o:microsoft:windows:2000
-
cpe:2.3:o:microsoft:windows:3.0
-
cpe:2.3:o:microsoft:windows:3.1
-
cpe:2.3:o:microsoft:windows:3.11
-
cpe:2.3:o:microsoft:windows:server_2008
-
cpe:2.3:o:microsoft:windows:vista