Sensitive Information Disclosure in IBM Integration Bus and WebSphere Message Broker

Sensitive Information Disclosure in IBM Integration Bus and WebSphere Message Broker

CVE-2016-2961 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace.

Learn more about our Cis Benchmark Audit For Apache Tomcat.