← back
CVE-2009-0434

CVE-2009-0434

EPSS 0.3%
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure (PMI) is enabled, allows local users to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2008-5413.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/48524http://www-01.ibm.com/support/docview.wss?uid=swg27006876http://www-01.ibm.com/support/docview.wss?uid=swg27007951http://www-01.ibm.com/support/docview.wss?uid=swg27014463http://www-1.ibm.com/support/docview.wss?uid=swg1PK63886http://www-1.ibm.com/support/docview.wss?uid=swg1PK79230http://www.securityfocus.com/bid/33700http://www.vupen.com/english/advisories/2009/0423