CVE-2015-7445

medium

Description

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive information by reading error messages in responses.

References

http://www.securityfocus.com/bid/79681

http://www-01.ibm.com/support/docview.wss?uid=swg21972480

http://www-01.ibm.com/support/docview.wss?uid=swg1IT12573

Details

Source: Mitre, NVD

Published: 2016-01-01

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00184