[email protected]CVE-2006-4136

HistoryAug 14, 2006 - 11:04 p.m.

CVE-2006-4136

2006-08-1423:04:00

CWE-200

CWE-264

[email protected]

web.nvd.nist.gov

ibm

websphere

application server

cve-2006-4136

vulnerability

soap

mbean

threadidentitysupport

nvd

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.9%

JSON

Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) “SOAP requests and responses”, (2) mbean, (3) ThreadIdentitySupport, and possibly others.

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq6.0.2.1
ibm:websphere_application_serveribm websphere application servereq6.0.2.5
ibm:websphere_application_serveribm websphere application servereq6.0.0.3
ibm:websphere_application_serveribm websphere application servereq6.0.2.9
ibm:websphere_application_serveribm websphere application servereq6.0.2.6
ibm:websphere_application_serveribm websphere application servereq6.0.2.2
ibm:websphere_application_serveribm websphere application servereq6.0.2
ibm:websphere_application_serveribm websphere application servereq6.0.2.4
ibm:websphere_application_serveribm websphere application servereq6.0.1.2
ibm:websphere_application_serveribm websphere application servereq6.0.0.1

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.1
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.5
ibm:websphere_application_server	ibm websphere application server	eq	6.0.0.3
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.9
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.6
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.2
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.4
ibm:websphere_application_server	ibm websphere application server	eq	6.0.1.2
ibm:websphere_application_server	ibm websphere application server	eq	6.0.0.1

Rows per page:

1-10 of 161

References

secunia.com/advisories/21440

www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951

www-1.ibm.com/support/search.wss?rs=0&q=PK24334&apar=only

www-1.ibm.com/support/search.wss?rs=0&q=PK25199&apar=only

www-1.ibm.com/support/search.wss?rs=0&q=PK26498&apar=only

www.securityfocus.com/bid/19463

www.vupen.com/english/advisories/2006/3262

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.9%

JSON