CVE-2009-2743

CVE-2009-2743 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and 7.0 before 7.0.0.7, does not properly handle an exception occurring after use of wsadmin scripts and configuration of JAAS-J2C Authentication Data, which allows local users to obtain sensitive information by reading the First Failure Data Capture (FFDC) log file.

Learn more about our Cis Benchmark Audit For Ibm Websphere.