Lucene search

[email protected]CVE-2011-1309

HistoryMar 08, 2011 - 9:59 p.m.

CVE-2011-1309

2011-03-0821:59:00

CWE-20

[email protected]

web.nvd.nist.gov

ibm

websphere

app server

plug-in

vulnerability

cve-2011-1309

nvd

web security

6.6 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.3%

JSON

The Plug-in component in IBM WebSphere Application Server (WAS) before 7.0.0.15 does not properly handle trace requests, which has unspecified impact and attack vectors.

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq5.0.0
ibm:websphere_application_serveribm websphere application servereq6.1.0.21
ibm:websphere_application_serveribm websphere application servereq6.1.0.31
ibm:websphere_application_serveribm websphere application servereq3.0.21
ibm:websphere_application_serveribm websphere application servereq6.1.7
ibm:websphere_application_serveribm websphere application servereq5.1.0.5
ibm:websphere_application_serveribm websphere application servereq6.1
ibm:websphere_application_serveribm websphere application servereq7.0.0.2
ibm:websphere_application_serveribm websphere application servereq5.0.2.10
ibm:websphere_application_serveribm websphere application servereq5.1.1.14

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	5.0.0
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.21
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.31
ibm:websphere_application_server	ibm websphere application server	eq	3.0.21
ibm:websphere_application_server	ibm websphere application server	eq	6.1.7
ibm:websphere_application_server	ibm websphere application server	eq	5.1.0.5
ibm:websphere_application_server	ibm websphere application server	eq	6.1
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.2
ibm:websphere_application_server	ibm websphere application server	eq	5.0.2.10
ibm:websphere_application_server	ibm websphere application server	eq	5.1.1.14

Rows per page:

1-10 of 1391

References

www-01.ibm.com/support/docview.wss?uid=swg1PM22860

www-01.ibm.com/support/docview.wss?uid=swg27014463

www.securityfocus.com/bid/46736

www.vupen.com/english/advisories/2011/0564

6.6 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.3%

JSON

Related for CVE-2011-1309

prion1 cvelist1 openvas2 nessus1