Ibm: >> Websphere Message Broker >> 8.0.0.6 Security Vulnerabilities
IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could allow an unauthorized user to obtain sensitive information about software versions that could lead to further attacks. IBM X-Force ID: 121341.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-10-04
IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033.
CVSS Score
2.5
EPSS Score
0.001
Published
2017-07-05
IBM WebSphere Message Broker stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 123777.
CVSS Score
5.5
EPSS Score
0.0
Published
2017-07-05
The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace.
CVSS Score
5.3
EPSS Score
0.002
Published
2016-07-02
IBM Integration Bus 9 and 10 before 10.0.0.1 and WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.7 do not ensure that the correct security profile is selected, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
CVSS Score
3.5
EPSS Score
0.001
Published
2015-08-23