Lucene search

[email protected]CVE-2009-1173

HistoryMar 31, 2009 - 2:09 p.m.

CVE-2009-1173

2009-03-3114:09:00

CWE-264

[email protected]

web.nvd.nist.gov

ibm

websphere

application server

7.0

vulnerability

weak permissions

cve-2009-1173

nvd

6.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

24.7%

JSON

IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified “interim fixes,” which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq7.0
ibm:websphere_application_serveribm websphere application servereq7.0.0.1

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	7.0
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.1

References

secunia.com/advisories/34131

secunia.com/advisories/34461

www-01.ibm.com/support/docview.wss?uid=swg1PK77590

www-01.ibm.com/support/docview.wss?uid=swg1PK82988

www-01.ibm.com/support/docview.wss?uid=swg27014463

www.securityfocus.com/bid/34259

www.vupen.com/english/advisories/2009/0854

6.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

24.7%

JSON

Related for CVE-2009-1173

cvelist2 prion2 cve1 nessus1