CVE-2015-1932

MEDIUM

Description

IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.7 and WebSphere Virtual Enterprise before 7.0.0.7 allow remote attackers to obtain potentially sensitive information about the proxy-server software by reading the HTTP Via header.

References

http://www.securityfocus.com/bid/76466

http://www.securitytracker.com/id/1033325

http://www-01.ibm.com/support/docview.wss?uid=swg1PI38403

http://www-01.ibm.com/support/docview.wss?uid=swg21963275

Details

Source: MITRE

Published: 2015-08-22

Updated: 2017-09-20

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM