CVE-2006-2430

Published May 17, 2006

Last updated 14 years ago

Overview

Description: IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84200300-1985-4770-81E0-31CB2CB99DCB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8873A6A6-D840-48E2-AED2-BB8584E3817A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB3F05B9-6EE1-4838-AD41-7DD329E71E3E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66DB2053-6DFD-4FF6-A6E9-444281531E24"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31419896-89F7-43A2-8B7C-3B92744BBC46"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "714C405D-1E8F-45C1-8A09-5103F0080C76"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7F31FD3-8681-4F07-9644-5CC87D512520"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2604E01-E43E-4882-8896-5E646E850286"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "458BAD79-958E-4665-B1F8-0D46E0C57045"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B68EE27-CC4F-4530-9DFE-D94171C45F64"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC1A723F-D685-4FE5-8938-5682A2D02155"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "810E5AEC-5C35-4962-B9BB-32D66290D1D2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9643B593-DADF-4F57-B41E-541C7F554A4C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References