Lucene search

[email protected]CVE-2009-0897

HistoryMay 21, 2009 - 3:30 p.m.

CVE-2009-0897

2009-05-2115:30:01

[email protected]

web.nvd.nist.gov

ibm

websphere

partner gateway

wpg

cve-2009-0897

security

vulnerability

information disclosure

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.7%

JSON

IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the “schema DB2 instance id” and the bcgarchive (aka the archiver script).

Affected configurations

NVD

Node

ibmwebsphere_partner_gatewayMatch6.1.0

ibmwebsphere_partner_gatewayMatch6.1.1

CPENameOperatorVersion
ibm:websphere_partner_gatewayibm websphere partner gatewayeq6.1.0
ibm:websphere_partner_gatewayibm websphere partner gatewayeq6.1.1

CPE	Name	Operator	Version
ibm:websphere_partner_gateway	ibm websphere partner gateway	eq	6.1.0
ibm:websphere_partner_gateway	ibm websphere partner gateway	eq	6.1.1

References

www-01.ibm.com/support/docview.wss?uid=swg21366016

www.securityfocus.com/bid/35136

exchange.xforce.ibmcloud.com/vulnerabilities/50643

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.7%

JSON

Related for CVE-2009-0897

nvd1 prion1 cvelist1