Medium severity5.3NVD Advisory· Published Jul 2, 2016· Updated May 6, 2026
CVE-2016-2961
CVE-2016-2961
Description
The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace.
Affected products
19cpe:2.3:a:ibm:integration_bus:10.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:ibm:integration_bus:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:10.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:10.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:10.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:10.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:9.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:9.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:9.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:9.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:integration_bus:9.0.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:8.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:ibm:websphere_message_broker:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:8.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:8.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:8.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:8.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:8.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:8.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:8.0.0.7:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- www-01.ibm.com/support/docview.wssnvd
News mentions
0No linked articles in our index yet.