IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by improper handling of exceptions when a default error page does not exist. Liberty is bundled/embedded with Algo One ARA in Algo One versions 5.0 and 5.1. IBM Algo One Algo Risk Application has addressed the applicable CVEs.
CVE(s): CVE-2016-0378
Affected product(s) and affected version(s):
IBM Algo One ARA Versions 5.0, 5.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2msNmcl
X-Force Database: http://ift.tt/2cG9hh7
The post IBM Security Bulletin: Vulnerabilites in IBM Algorithmics Algo One Algo Risk Application (ARA) Stack trace may be thrown if no default error page was set up and exception occurred appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2msCU4K
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.