Sql injection

2009-08-1318:30:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.2%

JSON

SQL injection vulnerability in the console in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 before FP8, 6.1 before FP3, 6.1.1 before FP2, and 6.2 before FP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

CPENameOperatorVersion
websphere_partner_gatewayeq6.1.1 enterprise
websphere_partner_gatewayeq6.0.0 fp7
websphere_partner_gatewayeq6.2 enterprise
websphere_partner_gatewayeq6.1.0
websphere_partner_gatewayeq6.1.1 fp1
websphere_partner_gatewayeq6.2
websphere_partner_gatewayeq6.1.1
websphere_partner_gatewayeq6.0.0 enterprise
websphere_partner_gatewayeq6.1.0 enterprise

Name	Operator	Version
websphere_partner_gateway	eq	6.1.1 enterprise
websphere_partner_gateway	eq	6.0.0 fp7
websphere_partner_gateway	eq	6.2 enterprise
websphere_partner_gateway	eq	6.1.0
websphere_partner_gateway	eq	6.1.1 fp1
websphere_partner_gateway	eq	6.2
websphere_partner_gateway	eq	6.1.1
websphere_partner_gateway	eq	6.0.0 enterprise
websphere_partner_gateway	eq	6.1.0 enterprise

References

secunia.com/advisories/36295

www-01.ibm.com/support/docview.wss?uid=swg21382117

www-1.ibm.com/support/docview.wss?uid=swg1JR32386

www-1.ibm.com/support/docview.wss?uid=swg1JR32607

www-1.ibm.com/support/docview.wss?uid=swg1JR32608

www-1.ibm.com/support/docview.wss?uid=swg1JR32609

www-1.ibm.com/support/docview.wss?uid=swg1JR33176

www.vupen.com/english/advisories/2009/2292

exchange.xforce.ibmcloud.com/vulnerabilities/52393