Release date:
Updated on:
Affected Systems:
IBM WebSphere DataPower XC10 2.x
IBM WebSphere eXtreme Scale 8.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 56396
IBM WebSphere DataPower XC10 is a device that provides GB grid storage. IBM WebSphere eXtreme Scale is a distributed object cache solution in the cloud environment.
IBM WebSphere DataPower XC10 and IBM WebSphere eXtreme Scale use hard-coded creden。 to authenticate identities between servers and send transport creden。 in plain text. As a result, attackers can perform man-in-the-middle attacks or simulate trusted servers.
<* Source: vendor
Link: http://secunia.com/advisories/51161/
Http://www-01.ibm.com/support/docview.wss? Uid = swg1PM68296
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
IBM
---
For this reason, IBM has released a Security Bulletin (swg1PM68296) and corresponding patches:
Swg1PM68296: SRVE0260E: The server cannot use the error page specified for your application to handle the Original Exception printed below.
Link: http://www-01.ibm.com/support/docview.wss? Uid = swg1PM68296