Lucene search
MitreCVE-2009-1173HistoryMar 31, 2009 - 2:09 p.m.
CVE-2009-1173
2009-03-3114:09:53
CWE-264
mitre
web.nvd.nist.gov
27
ibm
websphere
application server
7.0
vulnerability
weak permissions
cve-2009-1173
nvd
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
25.0%
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified “interim fixes,” which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.
Affected configurations
Node
ibmwebsphere_application_serverMatch7.0
ORibmwebsphere_application_serverMatch7.0.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | 7.0 | cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 7.0.0.1 | cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2009-1173
2009-03-31 10:00:00
CVE-2011-1307
2011-03-08 21:00:00
nvd
nvd
CVE-2009-1173
2009-03-31 14:09:53
CVE-2011-1307
2011-03-08 21:59:34
prion
prion
Code injection
2009-03-31 14:09:00
Design/Logic Flaw
2011-03-08 21:59:00
cve
cve
CVE-2011-1307
2011-03-08 21:59:34
nessus
nessus
IBM WebSphere Application Server 7.0 < Fix Pack 3
2009-04-10 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.001
Percentile
25.0%
Related for CVE-2009-1173