Lucene search

[email protected]NVD:CVE-2007-6679

HistoryJan 10, 2008 - 2:46 a.m.

CVE-2007-6679

2008-01-1002:46:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

High

EPSS

0.005

Percentile

77.2%

JSON

Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to “security concerns with monitor role users.” NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected.

Affected configurations

Nvd

Node

ibmwebsphere_application_serverRange≤6.0.2.24

ibmwebsphere_application_serverMatch6.1

ibmwebsphere_application_serverMatch6.1.0.1

ibmwebsphere_application_serverMatch6.1.0.2

ibmwebsphere_application_serverMatch6.1.0.3

ibmwebsphere_application_serverMatch6.1.0.5

ibmwebsphere_application_serverMatch6.1.0.7

ibmwebsphere_application_serverMatch6.1.0.9

ibmwebsphere_application_serverMatch6.1.0.11

VendorProductVersionCPE
ibmwebsphere_application_server*cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
ibmwebsphere_application_server6.1cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*
ibmwebsphere_application_server6.1.0.1cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*
ibmwebsphere_application_server6.1.0.2cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*
ibmwebsphere_application_server6.1.0.3cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*
ibmwebsphere_application_server6.1.0.5cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*
ibmwebsphere_application_server6.1.0.7cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*
ibmwebsphere_application_server6.1.0.9cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*
ibmwebsphere_application_server6.1.0.11cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_application_server	*	cpe:2.3:a:ibm:websphere_application_server::::::::
ibm	websphere_application_server	6.1	cpe:2.3:a:ibm:websphere_application_server:6.1:::::::*
ibm	websphere_application_server	6.1.0.1	cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:::::::*
ibm	websphere_application_server	6.1.0.2	cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:::::::*
ibm	websphere_application_server	6.1.0.3	cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:::::::*
ibm	websphere_application_server	6.1.0.5	cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:::::::*
ibm	websphere_application_server	6.1.0.7	cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:::::::*
ibm	websphere_application_server	6.1.0.9	cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:::::::*
ibm	websphere_application_server	6.1.0.11	cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:::::::*

References

secunia.com/advisories/28588

securitytracker.com/id?1019174

www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951

www-1.ibm.com/support/docview.wss?uid=swg27006876

www-1.ibm.com/support/search.wss?rs=0&q=PK45768&apar=only

www.vupen.com/english/advisories/2007/3955

www.vupen.com/english/advisories/2008/0241

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

High

EPSS

0.005

Percentile

77.2%

JSON

Related for NVD:CVE-2007-6679

prion1 cvelist1 cve1 nessus2