var-201002-0744
Vulnerability from variot
The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers to obtain sensitive information by sniffing network sessions that were expected to be encrypted. Based on the Java and Servlet engines, the IBM Websphere Application Server supports a variety of HTTP services to help users with everything from development and release to maintaining interactive, dynamic websites. IBM WebSphere Application Server (WAS) is prone to a security-bypass vulnerability. Successful exploits may allow attackers to bypass certain security restrictions, which may lead to other attacks. This issue affects WAS 7.0 through 7.0.0.8.
SOLUTION: Apply Interim Fix APAR PM00610 (please see the vendor's advisory for more information).
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: IBM (PM00610): http://www-01.ibm.com/support/docview.wss?uid=swg21417839
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201002-0744",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "websphere application server",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "7.0.0.7"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "7.0.0.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "7.0.0.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.0.0.0 to 7.0.0.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.6,
"vendor": "ibm",
"version": "7.0.0.0-7.0.0.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.03"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0217"
},
{
"db": "BID",
"id": "38122"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"db": "NVD",
"id": "CVE-2010-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0563"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM ncsupp@ca.ibm.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
],
"trust": 0.6
},
"cve": "CVE-2010-0563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2010-0563",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-0563",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201002-068",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"db": "NVD",
"id": "CVE-2010-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers to obtain sensitive information by sniffing network sessions that were expected to be encrypted. Based on the Java and Servlet engines, the IBM Websphere Application Server supports a variety of HTTP services to help users with everything from development and release to maintaining interactive, dynamic websites. IBM WebSphere Application Server (WAS) is prone to a security-bypass vulnerability. \nSuccessful exploits may allow attackers to bypass certain security restrictions, which may lead to other attacks. \nThis issue affects WAS 7.0 through 7.0.0.8. \n\nSOLUTION:\nApply Interim Fix APAR PM00610 (please see the vendor\u0027s advisory for\nmore information). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nIBM (PM00610):\nhttp://www-01.ibm.com/support/docview.wss?uid=swg21417839\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0563"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"db": "CNVD",
"id": "CNVD-2010-0217"
},
{
"db": "BID",
"id": "38122"
},
{
"db": "PACKETSTORM",
"id": "85967"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0563",
"trust": 3.3
},
{
"db": "SECUNIA",
"id": "38425",
"trust": 3.1
},
{
"db": "BID",
"id": "38122",
"trust": 2.7
},
{
"db": "OSVDB",
"id": "62140",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1023551",
"trust": 2.4
},
{
"db": "VUPEN",
"id": "ADV-2010-0316",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001085",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2010-0217",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14472",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "PM00610",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201002-068",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "85967",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0217"
},
{
"db": "BID",
"id": "38122"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"db": "PACKETSTORM",
"id": "85967"
},
{
"db": "NVD",
"id": "CVE-2010-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
]
},
"id": "VAR-201002-0744",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0217"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0217"
}
]
},
"last_update_date": "2023-12-18T12:31:36.363000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "1417839",
"trust": 0.8,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21417839"
},
{
"title": "IBM WebSphere Application Server Requires SSL option bypasses security-restricted vulnerability patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/2381"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for ibm i",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2938"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2942"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2946"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2950"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2954"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2958"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2962"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2966"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2970"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for ibm i",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2937"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2941"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2945"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2949"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2953"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2957"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2961"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2965"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2969"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for ibm i",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2936"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2940"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2944"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2948"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2952"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2956"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2960"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2964"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2968"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for ibm i",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2935"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2939"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2943"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for AIX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2947"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2951"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2955"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for HP-UX",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2959"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2963"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2967"
},
{
"title": "7.0.0.11: WebSphere Application Server V7.0 Fix Pack 11 for Windows",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=2971"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0217"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"db": "NVD",
"id": "CVE-2010-0563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/38122"
},
{
"trust": 2.4,
"url": "http://securitytracker.com/id?1023551"
},
{
"trust": 2.0,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21417839"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/38425"
},
{
"trust": 1.6,
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1pm00610"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/62140"
},
{
"trust": 1.5,
"url": "http://secunia.com/advisories/38425/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0563"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0563"
},
{
"trust": 0.8,
"url": "http://osvdb.org/62140"
},
{
"trust": 0.8,
"url": "http://www.vupen.com/english/advisories/2010/0316"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14472"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/software/websphere/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-0217"
},
{
"db": "BID",
"id": "38122"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"db": "PACKETSTORM",
"id": "85967"
},
{
"db": "NVD",
"id": "CVE-2010-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-0217"
},
{
"db": "BID",
"id": "38122"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"db": "PACKETSTORM",
"id": "85967"
},
{
"db": "NVD",
"id": "CVE-2010-0563"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-02-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0217"
},
{
"date": "2010-02-05T00:00:00",
"db": "BID",
"id": "38122"
},
{
"date": "2010-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"date": "2010-02-05T14:55:31",
"db": "PACKETSTORM",
"id": "85967"
},
{
"date": "2010-02-08T21:30:00.530000",
"db": "NVD",
"id": "CVE-2010-0563"
},
{
"date": "2010-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-02-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-0217"
},
{
"date": "2015-04-13T21:02:00",
"db": "BID",
"id": "38122"
},
{
"date": "2010-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001085"
},
{
"date": "2010-11-03T04:00:00",
"db": "NVD",
"id": "CVE-2010-0563"
},
{
"date": "2010-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM WebSphere Application Server of Single Sign-on Vulnerabilities that capture important information on functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001085"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201002-068"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.