Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory. OpenSource Apache Tomcat is used by IBM Algorithmics Counterparty Credit Risk
CVE(s): CVE-2015-5345, CVE-2015-5346
Affected product(s) and affected version(s):
Algo One Versions 5.0.0 through 5.1.0
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2aUhAiI
X-Force Database: http://ift.tt/1rhWy5x
X-Force Database: http://ift.tt/1NSj9zW
from IBM Product Security Incident Response Team http://ift.tt/2b6cWBG
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.