Lucene search

[email protected]CVE-2007-3397

HistoryJun 26, 2007 - 5:30 p.m.

CVE-2007-3397

2007-06-2617:30:00

[email protected]

web.nvd.nist.gov

ibm

websphere application server

cve-2007-3397

information disclosure

nvd

security vulnerability

remote attackers

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.9%

JSON

The web container in IBM WebSphere Application Server (WAS) before 6.0.2.21, and 6.1.x before 6.1.0.9, sends response data intended for a different request in certain circumstances after a closed connection error, which might allow remote attackers to obtain sensitive information.

Affected configurations

NVD

Node

ibmwebsphere_application_serverMatch6.0.2

ibmwebsphere_application_serverMatch6.0.2.1

ibmwebsphere_application_serverMatch6.0.2.2

ibmwebsphere_application_serverMatch6.0.2.3

ibmwebsphere_application_serverMatch6.0.2.4

ibmwebsphere_application_serverMatch6.0.2.5

ibmwebsphere_application_serverMatch6.0.2.6

ibmwebsphere_application_serverMatch6.0.2.7

ibmwebsphere_application_serverMatch6.0.2.9

ibmwebsphere_application_serverMatch6.0.2.11

ibmwebsphere_application_serverMatch6.0.2.13

ibmwebsphere_application_serverMatch6.0.2.15

ibmwebsphere_application_serverMatch6.0.2.17

ibmwebsphere_application_serverMatch6.0.2.19

ibmwebsphere_application_serverMatch6.1.0

ibmwebsphere_application_serverMatch6.1.0.1

ibmwebsphere_application_serverMatch6.1.0.2

ibmwebsphere_application_serverMatch6.1.0.3

ibmwebsphere_application_serverMatch6.1.0.5

ibmwebsphere_application_serverMatch6.1.0.7

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq6.0.2
ibm:websphere_application_serveribm websphere application servereq6.0.2.1
ibm:websphere_application_serveribm websphere application servereq6.0.2.2
ibm:websphere_application_serveribm websphere application servereq6.0.2.3
ibm:websphere_application_serveribm websphere application servereq6.0.2.4
ibm:websphere_application_serveribm websphere application servereq6.0.2.5
ibm:websphere_application_serveribm websphere application servereq6.0.2.6
ibm:websphere_application_serveribm websphere application servereq6.0.2.7
ibm:websphere_application_serveribm websphere application servereq6.0.2.9
ibm:websphere_application_serveribm websphere application servereq6.0.2.11

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.1
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.2
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.3
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.4
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.5
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.6
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.7
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.9
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.11

Rows per page:

1-10 of 201

References

osvdb.org/41644

secunia.com/advisories/25817

www-1.ibm.com/support/docview.wss?rs=180&uid=swg24015854

www-1.ibm.com/support/docview.wss?uid=swg21261071

www.securityfocus.com/bid/24608

www.securitytracker.com/id?1018288

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.9%

JSON

Related for CVE-2007-3397

prion1 nessus2 nvd1 cvelist1