CVE-2009-2092

2009-08-1318:00:00

mitre

www.cve.org

6.4 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.3%

JSON

IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not properly read the portletServingEnabled parameter in ibm-portlet-ext.xmi, which allows remote attackers to bypass intended access restrictions via unknown vectors.

References

secunia.com/advisories/34461

www-01.ibm.com/support/docview.wss?uid=swg27014463

www-1.ibm.com/support/docview.wss?uid=swg1PK89385

www.securityfocus.com/bid/36155

exchange.xforce.ibmcloud.com/vulnerabilities/52375