CVE

Id
37869  
CVE No.
CVE-2009-0434  
Status
Candidate  
Description
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure (PMI) is enabled, allows local users to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2008-5413.  
Phase
Assigned (20090205)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
411419 37869 CVE-2009-0434 MISC:http://www-01.ibm.com/support/docview.wss?uid=swg27006876  View
411420 37869 CVE-2009-0434 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg27007951  View
411421 37869 CVE-2009-0434 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg27014463  View
411422 37869 CVE-2009-0434 AIXAPAR:PK63886  View
411423 37869 CVE-2009-0434 URL:http://www-1.ibm.com/support/docview.wss?uid=swg1PK63886  View
411424 37869 CVE-2009-0434 AIXAPAR:PK79230  View
411425 37869 CVE-2009-0434 URL:http://www-1.ibm.com/support/docview.wss?uid=swg1PK79230  View
411426 37869 CVE-2009-0434 BID:33700  View
411427 37869 CVE-2009-0434 URL:http://www.securityfocus.com/bid/33700  View
411428 37869 CVE-2009-0434 VUPEN:ADV-2009-0423  View
411429 37869 CVE-2009-0434 URL:http://www.vupen.com/english/advisories/2009/0423  View
411430 37869 CVE-2009-0434 XF:websphere-pmi-information-disclosure(48524)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
40082 JVNDB-2009-001088 IBM WebSphere Application Server における情報漏えいの脆弱性 Windows 上で稼働している IBM WebSphere Application Server (WAS) には、リクエストの処理に不備があるため、JSP ページから重要な情報を取得される脆弱性が存在します。 CVE-2009-0438 37869 5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001088.html  View