Vulnerability Description
IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information by leveraging incorrect request handling by the (1) Proxy or (2) ODR server.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Application Server | 7.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI09786
- http://www-01.ibm.com/support/docview.wss?uid=swg21669554Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21676091PatchVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21676092PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91286
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI09786
- http://www-01.ibm.com/support/docview.wss?uid=swg21669554Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21676091PatchVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21676092PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91286
FAQ
What is CVE-2014-0891?
CVE-2014-0891 is a vulnerability with a CVSS score of 5.0 (MEDIUM). IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information by leveraging incorrect request han...
How severe is CVE-2014-0891?
CVE-2014-0891 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0891?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Application Server.