Information disclosure in Ibm Integration_bus

CVE-2015-2018

IBM Integration Bus 9 and 10 before 10.0.0.1 and WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.7 do not ensure that the correct security profile is selected, which allows remote authenticated users to obtain sensitive inform…

Vulnerability class: Information Disclosure

EPSS: 0.001 (34.8th percentile) — read the EPSS interpretation.

Affected products

Ibm Integration_bus — versions 9.0, 10.0
Ibm Websphere_message_broker — versions 7.0., 7.0.0.1, 7.0.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
IT07773 (vendor-advisory, x_refsource_AIXAPAR)