Lucene search

[email protected]CVE-2009-1901

HistoryJun 03, 2009 - 5:00 p.m.

CVE-2009-1901

2009-06-0317:00:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

ibm

websphere

application server

security

vulnerability

nvd

cve-2009-1901

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

69.5%

JSON

The Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 permits “non-standard http methods,” which has unknown impact and remote attack vectors.

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq6.0.2.10
ibm:websphere_application_serveribm websphere application servereq6.0.2.1
ibm:websphere_application_serveribm websphere application servereq6.0.2.5
ibm:websphere_application_serveribm websphere application servereq6.0.2.20
ibm:websphere_application_serveribm websphere application servereq6.0.2.13
ibm:websphere_application_serveribm websphere application servereq6.0.2.9
ibm:websphere_application_serveribm websphere application servereq6.0.2.28
ibm:websphere_application_serveribm websphere application servereq6.0.2.11
ibm:websphere_application_serveribm websphere application servereq6.0.2.6
ibm:websphere_application_serveribm websphere application servereq6.0.2.2

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.10
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.1
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.5
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.20
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.13
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.9
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.28
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.11
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.6
ibm:websphere_application_server	ibm websphere application server	eq	6.0.2.2

Rows per page:

1-10 of 331

References

www-01.ibm.com/support/docview.wss?uid=swg27006876

www-1.ibm.com/support/docview.wss?uid=swg1PK73246

www.securityfocus.com/bid/35405

www.vupen.com/english/advisories/2009/1464

exchange.xforce.ibmcloud.com/vulnerabilities/51173

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

69.5%

JSON

Related for CVE-2009-1901

cvelist1 prion1 nessus3