Sensitive Information Disclosure in IBM Integration Bus and WebSphere Message Broker
CVE-2016-2961 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace.
Learn more about our Cis Benchmark Audit For Apache Tomcat.