Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors.
http://www.securityfocus.com/bid/92505
http://www.securitytracker.com/id/1036654
Source: MITRE
Published: 2016-09-01
Updated: 2017-08-16
Type: CWE-119
Base Score: 3.5
Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 6.8
Severity: LOW
Base Score: 3.1
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Impact Score: 1.4
Exploitability Score: 1.6
Severity: LOW