Vulnerability Description
IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive (aka the archiver script).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Partner Gateway | 6.1.0 |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21366016PatchVendor Advisory
- http://www.securityfocus.com/bid/35136
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50643
- http://www-01.ibm.com/support/docview.wss?uid=swg21366016PatchVendor Advisory
- http://www.securityfocus.com/bid/35136
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50643
FAQ
What is CVE-2009-0897?
CVE-2009-0897 is a vulnerability with a CVSS score of 4.0 (MEDIUM). IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" ...
How severe is CVE-2009-0897?
CVE-2009-0897 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0897?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Partner Gateway.