Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0432

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2009-0432
Last Modified 12 Feb 2009 12:00:00
Published 10 Feb 2009 05:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0432

Summary

The installation process for the File Transfer servlet in the System Management/Repository component in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.19 does not enable the secure version, which allows remote attackers to obtain sensitive information via unspecified vectors.

Vulnerable Systems

Application

  • Ibm Websphere Application Server 6.1.0.1

  • Ibm Websphere Application Server 6.1.0.11

  • Ibm Websphere Application Server 6.1.0.13

  • Ibm Websphere Application Server 6.1.0.15

  • Ibm Websphere Application Server 6.1.0.17

  • Ibm Websphere Application Server 6.1.0.2

  • Ibm Websphere Application Server 6.1.0.3

  • Ibm Websphere Application Server 6.1.0.5

  • Ibm Websphere Application Server 6.1.0.7

  • Ibm Websphere Application Server 6.1.0.9


References

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg27007951

XF - websphere-file-transfer-info-disclosure(48522)

BID - 33700


Last Updated: 27 May 2016 10:50:14