Lucene search
HistoryAug 13, 2009 - 6:30 p.m.
CVE-2009-2089
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:S/C:P/I:N/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
47.8%
The Migration component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5, when tracing is enabled and a 6.1 to 7.0 migration has occurred, allows remote authenticated users to obtain sensitive information by reading a Migration Trace file.
Affected configurations
Node
ibmwebsphere_application_serverMatch6.1
ORibmwebsphere_application_serverMatch6.1.0
ORibmwebsphere_application_serverMatch6.1.0.0
ORibmwebsphere_application_serverMatch6.1.0.1
ORibmwebsphere_application_serverMatch6.1.0.2
ORibmwebsphere_application_serverMatch6.1.0.3
ORibmwebsphere_application_serverMatch6.1.0.4
ORibmwebsphere_application_serverMatch6.1.0.5
ORibmwebsphere_application_serverMatch6.1.0.6
ORibmwebsphere_application_serverMatch6.1.0.7
ORibmwebsphere_application_serverMatch6.1.0.8
ORibmwebsphere_application_serverMatch6.1.0.9
ORibmwebsphere_application_serverMatch6.1.0.10
ORibmwebsphere_application_serverMatch6.1.0.11
ORibmwebsphere_application_serverMatch6.1.0.12
ORibmwebsphere_application_serverMatch6.1.0.13
ORibmwebsphere_application_serverMatch6.1.0.14
ORibmwebsphere_application_serverMatch6.1.0.15
ORibmwebsphere_application_serverMatch6.1.0.16
ORibmwebsphere_application_serverMatch6.1.0.17
ORibmwebsphere_application_serverMatch6.1.0.18
ORibmwebsphere_application_serverMatch6.1.0.19
ORibmwebsphere_application_serverMatch6.1.0.20
ORibmwebsphere_application_serverMatch6.1.0.21
ORibmwebsphere_application_serverMatch6.1.0.22
ORibmwebsphere_application_serverMatch6.1.0.23
ORibmwebsphere_application_serverMatch6.1.0.24
ORibmwebsphere_application_serverMatch7.0
ORibmwebsphere_application_serverMatch7.0.0.1
ORibmwebsphere_application_serverMatch7.0.0.3
ORibmwebsphere_application_serverMatch7.0.0.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | 6.1 | cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0 | cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.0 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.1 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.2 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.3 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.4 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.4:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.5 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.6 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.6:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 6.1.0.7 | cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2009-08-13 18:30:00
cvelist
cvelist
CVE-2009-2089
2009-08-13 18:00:00
cve
cve
CVE-2009-2089
2009-08-13 18:30:00
nessus
nessus
IBM WebSphere Application Server < 6.1.0.25 Multiple Vulnerabilities
2009-06-19 00:00:00
IBM WebSphere Application Server 7.0 < Fix Pack 5
2009-08-31 00:00:00
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:S/C:P/I:N/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
47.8%
Related for NVD:CVE-2009-2089