[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256369

 
 

909

 
 

199183

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-2430Date: (C)2006-05-17   (M)2023-12-22


IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECUNIA-20032
http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html
OSVDB-25372
SREASON-910
ADV-2006-1736
PK16492
PK22416
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064

CPE    13
cpe:/a:ibm:websphere_application_server:5.1.1
cpe:/a:ibm:websphere_application_server:5.0.2
cpe:/a:ibm:websphere_application_server:5.1.0
cpe:/a:ibm:websphere_application_server:5.0.1
...

© SecPod Technologies