Lucene search

[email protected]NVD:CVE-2006-5324

HistoryOct 17, 2006 - 5:07 p.m.

CVE-2006-5324

2006-10-1717:07:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

High

EPSS

0.006

Percentile

78.5%

JSON

The Web Services Notification (WSN) security component of IBM WebSphere Application Server before 6.1.0.2 allows attackers to obtain unspecified access without supplying a username and password, aka PK28374.

Affected configurations

Nvd

Node

ibmwebsphere_application_serverRange≤6.1.0.1

VendorProductVersionCPE
ibmwebsphere_application_server*cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_application_server	*	cpe:2.3:a:ibm:websphere_application_server::::::::

References

secunia.com/advisories/22372

www-1.ibm.com/support/docview.wss?rs=180&uid=swg24013142

www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951

www-1.ibm.com/support/search.wss?rs=0&q=PK28374&apar=only

www.vupen.com/english/advisories/2006/4000

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

High

EPSS

0.006

Percentile

78.5%

JSON

Related for NVD:CVE-2006-5324

cvelist1 cve1