Lucene search

[email protected]CVE-2011-0316

HistoryJan 12, 2011 - 1:00 a.m.

CVE-2011-0316

2011-01-1201:00:02

CWE-264

[email protected]

web.nvd.nist.gov

ibm

websphere

application server

vulnerability

cve-2011-0316

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

JSON

The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets, which allows remote attackers to obtain potentially sensitive status information via a direct request.

Affected configurations

NVD

Node

ibmwebsphere_application_serverMatch6.1

ibmwebsphere_application_serverMatch6.1.0

ibmwebsphere_application_serverMatch6.1.0.0

ibmwebsphere_application_serverMatch6.1.0.1

ibmwebsphere_application_serverMatch6.1.0.2

ibmwebsphere_application_serverMatch6.1.0.3

ibmwebsphere_application_serverMatch6.1.0.5

ibmwebsphere_application_serverMatch6.1.0.7

ibmwebsphere_application_serverMatch6.1.0.9

ibmwebsphere_application_serverMatch6.1.0.11

ibmwebsphere_application_serverMatch6.1.0.12

ibmwebsphere_application_serverMatch6.1.0.13

ibmwebsphere_application_serverMatch6.1.0.15

ibmwebsphere_application_serverMatch6.1.0.17

ibmwebsphere_application_serverMatch6.1.0.19

ibmwebsphere_application_serverMatch6.1.0.21

ibmwebsphere_application_serverMatch6.1.0.23

ibmwebsphere_application_serverMatch6.1.0.25

ibmwebsphere_application_serverMatch6.1.0.27

ibmwebsphere_application_serverMatch6.1.0.29

ibmwebsphere_application_serverMatch6.1.0.31

ibmwebsphere_application_serverMatch6.1.0.33

Node

ibmwebsphere_application_serverMatch7.0

ibmwebsphere_application_serverMatch7.0.0.1

ibmwebsphere_application_serverMatch7.0.0.2

ibmwebsphere_application_serverMatch7.0.0.3

ibmwebsphere_application_serverMatch7.0.0.4

ibmwebsphere_application_serverMatch7.0.0.5

ibmwebsphere_application_serverMatch7.0.0.6

ibmwebsphere_application_serverMatch7.0.0.7

ibmwebsphere_application_serverMatch7.0.0.8

ibmwebsphere_application_serverMatch7.0.0.9

ibmwebsphere_application_serverMatch7.0.0.11

ibmwebsphere_application_serverMatch7.0.0.13

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq6.1
ibm:websphere_application_serveribm websphere application servereq6.1.0
ibm:websphere_application_serveribm websphere application servereq6.1.0.0
ibm:websphere_application_serveribm websphere application servereq6.1.0.1
ibm:websphere_application_serveribm websphere application servereq6.1.0.2
ibm:websphere_application_serveribm websphere application servereq6.1.0.3
ibm:websphere_application_serveribm websphere application servereq6.1.0.5
ibm:websphere_application_serveribm websphere application servereq6.1.0.7
ibm:websphere_application_serveribm websphere application servereq6.1.0.9
ibm:websphere_application_serveribm websphere application servereq6.1.0.11

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	6.1
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.0
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.1
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.2
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.3
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.5
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.7
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.9
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.11

Rows per page:

1-10 of 221

References

secunia.com/advisories/42938

www-01.ibm.com/support/docview.wss?uid=swg1PM24372

www-01.ibm.com/support/docview.wss?uid=swg27007951

www-01.ibm.com/support/docview.wss?uid=swg27014463

www.securityfocus.com/bid/46736

www.vupen.com/english/advisories/2011/0564

exchange.xforce.ibmcloud.com/vulnerabilities/64558

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.1%

JSON

Related for CVE-2011-0316

cvelist1 prion1 nvd1 openvas2 nessus2