Test ID:	1.3.6.1.4.1.25623.1.0.106228
Category:	Web application abuses
Title:	IBM WebSphere Portal Information Disclosure Vulnerability
Summary:	IBM WebSphere Portal is prone to an information disclosure vulnerability.
Description:	Summary: IBM WebSphere Portal is prone to an information disclosure vulnerability. Vulnerability Insight: IBM Websphere Portal could allow a remote attacker to obtain sensitive information, caused by Access Control issue in Portal AccessControl REST API. By REST request, an attacker could exploit this vulnerability to view access control configuration of a requested resource. Vulnerability Impact: Remote attackers may bypass intended Portal AccessControl REST API access restrictions and obtain sensitive information. Affected Software/OS: WebSphere Portal 6.1, 7, 8.0 and 8.5. Solution: Check the vendor's advisory for sulutions. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7447 AIX APAR: PI51395 http://www-01.ibm.com/support/docview.wss?uid=swg1PI51395 BugTraq ID: 79511 http://www.securityfocus.com/bid/79511 http://www.securitytracker.com/id/1034538
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.