Lucene search
HistoryAug 13, 2009 - 6:30 p.m.
CVE-2009-2091
ibm
websphere
application server
7.0
z/os
weak file permissions
security vulnerability
cve-2009-2091
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
71.8%
The System Management/Repository component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 on z/OS uses weak file permissions for new applications, which allows remote attackers to obtain sensitive information via unspecified vectors.
Affected configurations
Node
ibmwebsphere_application_serverMatch7.0
ORibmwebsphere_application_serverMatch7.0.0.1
ORibmwebsphere_application_serverMatch7.0.0.3
ORibmwebsphere_application_serverMatch7.0.0.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | 7.0.0.3 | cpe:/a:ibm:websphere_application_server:7.0.0.3::: |
| ibm | websphere_application_server | 7.0.0.1 | cpe:/a:ibm:websphere_application_server:7.0.0.1::: |
| ibm | websphere_application_server | 7.0.0.4 | cpe:/a:ibm:websphere_application_server:7.0.0.4::: |
| ibm | websphere_application_server | 7.0 | cpe:/a:ibm:websphere_application_server:7.0::: |
Related
cvelist
cvelist
CVE-2009-2091
2009-08-13 18:00:00
prion
prion
Design/Logic Flaw
2009-08-13 18:30:00
nvd
nvd
CVE-2009-2091
2009-08-13 18:30:00
nessus
nessus
IBM WebSphere Application Server < 6.1.0.27 Multiple Vulnerabilities
2009-09-23 00:00:00
IBM WebSphere Application Server 7.0 < Fix Pack 5
2009-08-31 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
71.8%
Related for CVE-2009-2091