Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) 6.1

Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) 6.1

CVE-2011-5066 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The SibRaRecoverableSiXaResource class in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 does not properly handle a Service Integration Bus (SIB) dump operation involving the First Failure Data Capture (FFDC) introspection code, which allows local users to obtain sensitive information by reading the FFDC log file.

Learn more about our Cis Benchmark Audit For Ibm I.