CVE-2013-2976

LOW

Description

The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PM79992

http://www-01.ibm.com/support/docview.wss?uid=swg21644047

https://exchange.xforce.ibmcloud.com/vulnerabilities/83965

Details

Source: MITRE

Published: 2013-08-21

Updated: 2017-08-29

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 1.9

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.4

Severity: LOW