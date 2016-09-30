IBM Websphere Application Server 7 Obtain Information Vulnerability
26 Dec. 2016
Summary
IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote attackers to obtain sensitive information via vectors.
Vulnerable Systems:
* IBM Websphere Application Server 7
* IBM Websphere Application Server 7.0.0.0
* IBM Websphere Application Server 7.0.0.1
* IBM Websphere Application Server 7.0.0.2
* IBM Websphere Application Server 7.0.0.3
* IBM Websphere Application Server 7.0.0.4
* IBM Websphere Application Server 7.0.0.5
* IBM Websphere Application Server 7.0.0.6
* IBM Websphere Application Server 7.0.0.7
* IBM Websphere Application Server 7.0.0.8
* IBM Websphere Application Server 7.0.0.9
* IBM Websphere Application Server 7.0.0.10
* IBM Websphere Application Server 7.0.0.11
* IBM Websphere Application Server 7.0.0.12
* IBM Websphere Application Server 7.0.0.13
* IBM Websphere Application Server 7.0.0.14
* IBM Websphere Application Server 7.0.0.15
* IBM Websphere Application Server 7.0.0.16
* IBM Websphere Application Server 7.0.0.17
* IBM Websphere Application Server 7.0.0.18
* IBM Websphere Application Server 7.0.0.19
* IBM Websphere Application Server 7.0.0.21
* IBM Websphere Application Server 7.0.0.22
* IBM Websphere Application Server 7.0.0.23
* IBM Websphere Application Server 7.0.0.24
* IBM Websphere Application Server 7.0.0.25
* IBM Websphere Application Server 7.0.0.27
* IBM Websphere Application Server 7.0.0.28
* IBM Websphere Application Server 7.0.0.29
* IBM Websphere Application Server 7.0.0.31
* IBM Websphere Application Server 7.0.0.32
* IBM Websphere Application Server 7.0.0.33
* IBM Websphere Application Server 7.0.0.34
* IBM Websphere Application Server 7.0.0.35
* IBM Websphere Application Server 7.0.0.36
* IBM Websphere Application Server 7.0.0.37
* IBM Websphere Application Server 7.0.0.38
* IBM Websphere Application Server 7.0.0.39
* IBM Websphere Application Server 7.0.0.41
* IBM Websphere Application Server 8
* IBM Websphere Application Server 8.0.0.0
* IBM Websphere Application Server 8.0.0.1
* IBM Websphere Application Server 8.0.0.2
* IBM Websphere Application Server 8.0.0.3
* IBM Websphere Application Server 8.0.0.4
* IBM Websphere Application Server 8.0.0.5
* IBM Websphere Application Server 8.0.0.6
* IBM Websphere Application Server 8.0.0.7
* IBM Websphere Application Server 8.0.0.8
* IBM Websphere Application Server 8.0.0.9
* IBM Websphere Application Server 8.0.0.10
* IBM Websphere Application Server 8.0.0.11
* IBM Websphere Application Server 8.0.0.12
* IBM Websphere Application Server 8.5.0.0
* IBM Websphere Application Server 8.5.0.0
* IBM Websphere Application Server 8.5.0.1
* IBM Websphere Application Server 8.5.0.2
* IBM Websphere Application Server 8.5.5.0
* IBM Websphere Application Server 8.5.5.1
* IBM Websphere Application Server 8.5.5.2
* IBM Websphere Application Server 8.5.5.4
* IBM Websphere Application Server 8.5.5.5
* IBM Websphere Application Server 8.5.5.6
* IBM Websphere Application Server 8.5.5.7
* IBM Websphere Application Server 8.5.5.8
* IBM Websphere Application Server 8.5.5.9
* IBM Websphere Application Server 8.5.5.10
* IBM Websphere Application Server 9.0.0.0
* IBM Websphere Application Server 9.0.0.1
IBM WebSphere Application Server and IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by the improper handling of responses under certain conditions. An attacker could exploit this vulnerability to gain server identification information.