Unrated severityNVD Advisory· Published Feb 10, 2009· Updated Apr 23, 2026
CVE-2009-0434
CVE-2009-0434
Description
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure (PMI) is enabled, allows local users to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2008-5413.
Affected products
56cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*+ 55 more
- cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.19:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.22:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.23:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.24:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.25:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.27:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.28:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.29:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.30:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.31:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www-01.ibm.com/support/docview.wssnvd
- www-01.ibm.com/support/docview.wssnvd
- www-01.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
- www.securityfocus.com/bid/33700nvd
- www.vupen.com/english/advisories/2009/0423nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/48524nvd
News mentions
0No linked articles in our index yet.