Lucene search
MitreCVE-2006-2436HistoryMay 17, 2006 - 10:06 a.m.
CVE-2006-2436
2006-05-1710:06:00
mitre
web.nvd.nist.gov
20
websphere
application server
plaintext passwords
security vulnerability
cve-2006-2436
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
High
EPSS
0.004
Percentile
74.3%
WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows attackers to gain privileges.
Affected configurations
Node
ibmwebsphere_application_serverMatch5.0.0
ORibmwebsphere_application_serverMatch5.0.1
ORibmwebsphere_application_serverMatch5.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | 5.0.0 | cpe:2.3:a:ibm:websphere_application_server:5.0.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 5.0.1 | cpe:2.3:a:ibm:websphere_application_server:5.0.1:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 5.0.2 | cpe:2.3:a:ibm:websphere_application_server:5.0.2:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2006-05-17 10:06:00
nvd
nvd
CVE-2006-2436
2006-05-17 10:06:00
cvelist
cvelist
CVE-2006-2436
2006-05-17 10:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
High
EPSS
0.004
Percentile
74.3%
Related for CVE-2006-2436