This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote web application server is affected by an information
The IBM WebSphere Application Server running on the remote host is
version 7.0 prior to 22.214.171.124, 8.0 prior to 126.96.36.199, 8.5 prior to
188.8.131.52, 9.0 prior to 184.108.40.206, or 16.0 (Liberty) prior to 220.127.116.11.
It is, therefore, affected by an information disclosure vulnerability
due to improper validation of user-supplied input. An authenticated,
remote attacker can exploit this to cause a buffer overflow condition,
resulting in the disclosure of sensitive information.
See also :
Apply IBM WebSphere Application Server version 7.0 Fix Pack 43
(18.104.22.168) / 8.0 Fix Pack 13 (22.214.171.124) / 8.5 Fix Pack 10 (126.96.36.199) /
9.0 Fix Pack 1 (188.8.131.52) / 16.0 Fix Pack 3 (184.108.40.206) or later.
Alternatively, apply the appropriate Interim Fixes as recommended in
the vendor advisory.
Risk factor :
Low / CVSS Base Score : 3.5
CVSS Temporal Score : 2.6
Public Exploit Available : false