|Date: (C)2009-02-13 (M)2017-08-08|
|CVSS Score: 2.1||Access Vector: LOCAL|
|Exploitability Subscore: 3.9||Access Complexity: LOW|
|Impact Subscore: 2.9||Authentication: NONE|
| ||Confidentiality: PARTIAL|
| ||Integrity: NONE|
| ||Availability: NONE|
IBM WebSphere Message Broker 6.1.x before 220.127.116.11 writes a database connection password to the Event Log and System Log during exception handling for a JDBC error, which allows local users to obtain sensitive information by reading these logs.