IBM WebSphere Application Server (WAS) is prone to an information- disclosure vulnerability. A local authenticated attacker can exploit this issue to gain access to sensitive information this may aid in further attacks. Versions prior to WAS 220.127.116.11 and 18.104.22.168 are vulnerable.
Updates are available. Please see the references for details.