Lucene search

[email protected]NVD:CVE-2008-4283

HistoryFeb 10, 2009 - 10:30 p.m.

CVE-2008-4283

2009-02-1022:30:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

0.006

Percentile

79.1%

JSON

CRLF injection vulnerability in the WebContainer component in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.1.x versions allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Affected configurations

Nvd

Node

ibmwebsphere_application_serverRange≤5.1.1.19

ibmwebsphere_application_serverMatch5.0

ibmwebsphere_application_serverMatch5.0z_os

ibmwebsphere_application_serverMatch5.0.0

ibmwebsphere_application_serverMatch5.0.1

ibmwebsphere_application_serverMatch5.0.2

ibmwebsphere_application_serverMatch5.0.2.1

ibmwebsphere_application_serverMatch5.0.2.2

ibmwebsphere_application_serverMatch5.0.2.3

ibmwebsphere_application_serverMatch5.0.2.4

ibmwebsphere_application_serverMatch5.0.2.5

ibmwebsphere_application_serverMatch5.0.2.6

ibmwebsphere_application_serverMatch5.0.2.7

ibmwebsphere_application_serverMatch5.0.2.8

ibmwebsphere_application_serverMatch5.0.2.9

ibmwebsphere_application_serverMatch5.0.2.10

ibmwebsphere_application_serverMatch5.0.2.11

ibmwebsphere_application_serverMatch5.0.2.12

ibmwebsphere_application_serverMatch5.0.2.13

ibmwebsphere_application_serverMatch5.0.2.14

ibmwebsphere_application_serverMatch5.0.2.15

ibmwebsphere_application_serverMatch5.0.2.16

ibmwebsphere_application_serverMatch5.1.0

ibmwebsphere_application_serverMatch5.1.0.2

ibmwebsphere_application_serverMatch5.1.0.3

ibmwebsphere_application_serverMatch5.1.0.4

ibmwebsphere_application_serverMatch5.1.0.5

ibmwebsphere_application_serverMatch5.1.1

ibmwebsphere_application_serverMatch5.1.1.1

ibmwebsphere_application_serverMatch5.1.1.2

ibmwebsphere_application_serverMatch5.1.1.3

ibmwebsphere_application_serverMatch5.1.1.4

ibmwebsphere_application_serverMatch5.1.1.5

ibmwebsphere_application_serverMatch5.1.1.6

ibmwebsphere_application_serverMatch5.1.1.7

ibmwebsphere_application_serverMatch5.1.1.8

ibmwebsphere_application_serverMatch5.1.1.9

ibmwebsphere_application_serverMatch5.1.1.10

ibmwebsphere_application_serverMatch5.1.1.11

ibmwebsphere_application_serverMatch5.1.1.12

ibmwebsphere_application_serverMatch5.1.1.13

ibmwebsphere_application_serverMatch5.1.1.14

ibmwebsphere_application_serverMatch5.1.1.15

ibmwebsphere_application_serverMatch5.1.1.16

ibmwebsphere_application_serverMatch5.1.1.17

ibmwebsphere_application_serverMatch5.1.1.18

VendorProductVersionCPE
ibmwebsphere_application_server*cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
ibmwebsphere_application_server5.0cpe:2.3:a:ibm:websphere_application_server:5.0:*:*:*:*:*:*:*
ibmwebsphere_application_server5.0cpe:2.3:a:ibm:websphere_application_server:5.0:*:z_os:*:*:*:*:*
ibmwebsphere_application_server5.0.0cpe:2.3:a:ibm:websphere_application_server:5.0.0:*:*:*:*:*:*:*
ibmwebsphere_application_server5.0.1cpe:2.3:a:ibm:websphere_application_server:5.0.1:*:*:*:*:*:*:*
ibmwebsphere_application_server5.0.2cpe:2.3:a:ibm:websphere_application_server:5.0.2:*:*:*:*:*:*:*
ibmwebsphere_application_server5.0.2.1cpe:2.3:a:ibm:websphere_application_server:5.0.2.1:*:*:*:*:*:*:*
ibmwebsphere_application_server5.0.2.2cpe:2.3:a:ibm:websphere_application_server:5.0.2.2:*:*:*:*:*:*:*
ibmwebsphere_application_server5.0.2.3cpe:2.3:a:ibm:websphere_application_server:5.0.2.3:*:*:*:*:*:*:*
ibmwebsphere_application_server5.0.2.4cpe:2.3:a:ibm:websphere_application_server:5.0.2.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_application_server	*	cpe:2.3:a:ibm:websphere_application_server::::::::
ibm	websphere_application_server	5.0	cpe:2.3:a:ibm:websphere_application_server:5.0:::::::*
ibm	websphere_application_server	5.0	cpe:2.3:a:ibm:websphere_application_server:5.0::z_os:::::
ibm	websphere_application_server	5.0.0	cpe:2.3:a:ibm:websphere_application_server:5.0.0:::::::*
ibm	websphere_application_server	5.0.1	cpe:2.3:a:ibm:websphere_application_server:5.0.1:::::::*
ibm	websphere_application_server	5.0.2	cpe:2.3:a:ibm:websphere_application_server:5.0.2:::::::*
ibm	websphere_application_server	5.0.2.1	cpe:2.3:a:ibm:websphere_application_server:5.0.2.1:::::::*
ibm	websphere_application_server	5.0.2.2	cpe:2.3:a:ibm:websphere_application_server:5.0.2.2:::::::*
ibm	websphere_application_server	5.0.2.3	cpe:2.3:a:ibm:websphere_application_server:5.0.2.3:::::::*
ibm	websphere_application_server	5.0.2.4	cpe:2.3:a:ibm:websphere_application_server:5.0.2.4:::::::*

Rows per page:

1-10 of 461

References

www-1.ibm.com/support/docview.wss?uid=isg1SE35864

www-1.ibm.com/support/docview.wss?uid=swg1PK69929

www.securityfocus.com/bid/33700

exchange.xforce.ibmcloud.com/vulnerabilities/47199

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

High

EPSS

0.006

Percentile

79.1%

JSON

Related for NVD:CVE-2008-4283

prion1 cvelist1 cve1