|
Family: CGI abuses --> Category: infos
IBM Websphere default user information leak Vulnerability Scan
Vulnerability Scan Summary Detects Websphere default user information leak
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is affected by an information disclosure issue.
Description :
The remote host is running a version of IBM Websphere Commerce that
may allow potentially confidential information to be accessed through
the default user account. A possible hacker, exploiting this flaw, would
only need to be able to make standard queries to the application
server.
See also :
http://publib.boulder.ibm.com/infocenter/wc56help/index.jsp?topic=/com.ibm.commerce.esupport.doc/html/Security/swg21187876.html
Solution :
Contact WebSphere Commerce support to resolve the issue.
Risk:
Low / CVSS Base Score : 3
(AV:R/AC:H/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|