CVE-2014-6170
https://notcve.org/view.php?id=CVE-2014-6170
The HTTPInput node in IBM WebSphere Message Broker 7.0 before 7.0.0.8 and 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.4 allows remote attackers to obtain sensitive information by triggering a SOAP fault. El nodo HTTPInput en IBM WebSphere Message Broker 7.0 anterior a 7.0.0.8 y 8.0 anterior a 8.0.0.6 y IBM Integration Bus 9.0 anterior a 9.0.0.4 permite a atacantes remotos obtener información sensible mediante la provocación de un fallo SOAP. • http://www-01.ibm.com/support/docview.wss?uid=swg1IT01929 http://www-01.ibm.com/support/docview.wss?uid=swg21690725 https://exchange.xforce.ibmcloud.com/vulnerabilities/98309 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-4819
https://notcve.org/view.php?id=CVE-2014-4819
The web user interface in IBM WebSphere Message Broker 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.3 allows remote authenticated users to obtain sensitive information by reading the error page. La interfaz web de usuario en IBM WebSphere Message Broker 8.0 anterior a 8.0.0.6 e IBM Integration Bus 9.0 anterior a 9.0.0.3 permite a usuarios autenticados remotos obtener información sensible leyendo la página de error. • http://secunia.com/advisories/61356 http://www-01.ibm.com/support/docview.wss?uid=swg1IT03097 http://www-01.ibm.com/support/docview.wss?uid=swg21682681 https://exchange.xforce.ibmcloud.com/vulnerabilities/95456 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •