CVE-2009-0432

Published Feb 10, 2009

Last updated 7 years ago

Overview

Description: The installation process for the File Transfer servlet in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.19 does not enable the secure version, which allows remote attackers to obtain sensitive information via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-16

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FC6EB31-9707-408B-8BF5-66BD23441A75"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B73E052-AF4F-4543-AA03-F5B1FA976EA8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23171B81-C991-467A-95A4-EDDAC59C37BC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2586C584-3258-414B-AB28-1EBA0DBD0B83"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCA175EA-EDC6-4228-8E28-E9BBC981E60A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6A4EC9D-98C2-40B0-BA40-4838FE8D1FF7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AF5BB33-4E78-4123-8093-EBEE2F2B5598"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A45B6F32-5DFF-4833-9F0F-89576724CF97"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13CA9A59-DFE4-4566-8719-E6FA4720F06A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A89DD1BF-4AB0-480D-9856-B1BEA73A4AAD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References