CVE-2009-0899

Sažetak

IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere Portal Server 5.1 through 6.0, and IBM Integrated Solutions Console (ISC) 6.0.1 do not properly set the IsSecurityEnabled security flag during migration of WebSphere Member Manager (WMM) to Virtual Member Manager (VMM) and a Federated Repository, which allows attackers to obtain sensitive information from repositories via unspecified vectors.

Reference

http://www.securityfocus.com/bid/35406
http://www-01.ibm.com/support/docview.wss?uid=swg21375859
http://www-1.ibm.com/support/docview.wss?uid=swg1PK78134
https://exchange.xforce.ibmcloud.com/vulnerabilities/50882

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

08-11-2018 - 20:37

Objavljeno

03-06-2009 - 17:00