The Servlet Engine and Web Container in IBM WebSphere Application Server (WAS) prior to 6.0.2.17, when ibm-web-ext.xmi sets fileServingEnabled to true and servlet caching is enabled, allows remote malicious users to obtain JSP source code and other sensitive information via "specific requests."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server 6.0.2.1 |
||
ibm websphere application server 6.0.2.9 |
||
ibm websphere application server 6.0.2.11 |
||
ibm websphere application server 6.0.2.13 |
||
ibm websphere application server 6.0.2.15 |
||
ibm websphere application server 6.0.2.3 |
||
ibm websphere application server 6.0.2.5 |
||
ibm websphere application server 6.0.2.7 |