mickmick.net

IBM WebSphere Application Server Information Disclosure Vulnerability

Release Date: 2 May 2023

RISK: Medium Risk

TYPE: Servers - Internet App Servers

A vulnerability was identified in IBM WebSphere Application Server. A remote attacker could exploit this vulnerability to trigger sensitive information disclosure on the targeted system.

---

Impact

• Information Disclosure

---

System / Technologies affected

• IBM WebSphere Application Server Liberty Continuous delivery
• IBM WebSphere Application Server version 9.0
• IBM WebSphere Application Server version 8.5.0.0 - 8.5.5.22

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://www.ibm.com/support/pages/node/6986617

---

Vulnerability Identifier

• CVE-2023-30441

---

Source

• AusCERT
• IBM

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2023.2423
• https://www.ibm.com/support/pages/node/6986617