Lucene search

MitreCVE-2006-4222

HistoryAug 18, 2006 - 8:04 p.m.

CVE-2006-4222

2006-08-1820:04:00

mitre

web.nvd.nist.gov

ibm

websphere

app server

vulnerabilities

unspecified

cve-2006-4222

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.3

Confidence

Low

EPSS

0.002

Percentile

61.5%

JSON

Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.0.2.13 have unspecified vectors and impact, including (1) an “authority problem” in ThreadIdentitySupport as identified by PK25199, and “Potential security exposure” issues as identified by (2) PK22747, (3) PK24334, (4) PK25740, and (5) PK26123.

Affected configurations

Nvd

Node

ibmwebsphere_application_serverRange≤6.0.2.11

ibmwebsphere_application_serverMatch6.0.2

ibmwebsphere_application_serverMatch6.0.2.1

ibmwebsphere_application_serverMatch6.0.2.3

ibmwebsphere_application_serverMatch6.0.2.5

ibmwebsphere_application_serverMatch6.0.2.7

ibmwebsphere_application_serverMatch6.0.2.9

VendorProductVersionCPE
ibmwebsphere_application_server*cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
ibmwebsphere_application_server6.0.2cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*
ibmwebsphere_application_server6.0.2.1cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*
ibmwebsphere_application_server6.0.2.3cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*
ibmwebsphere_application_server6.0.2.5cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:*:*:*:*:*:*:*
ibmwebsphere_application_server6.0.2.7cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:*:*:*:*:*:*:*
ibmwebsphere_application_server6.0.2.9cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_application_server	*	cpe:2.3:a:ibm:websphere_application_server::::::::
ibm	websphere_application_server	6.0.2	cpe:2.3:a:ibm:websphere_application_server:6.0.2:::::::*
ibm	websphere_application_server	6.0.2.1	cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:::::::*
ibm	websphere_application_server	6.0.2.3	cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:::::::*
ibm	websphere_application_server	6.0.2.5	cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:::::::*
ibm	websphere_application_server	6.0.2.7	cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:::::::*
ibm	websphere_application_server	6.0.2.9	cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:::::::*

References

secunia.com/advisories/21487

www-1.ibm.com/support/docview.wss?rs=180&uid=swg27006876#60213

www.vupen.com/english/advisories/2006/3281

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.3

Confidence

Low

EPSS

0.002

Percentile

61.5%

JSON

Related for CVE-2006-4222