CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2009-0899
https://notcve.org/view.php?id=CVE-2009-0899
IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere Portal Server 5.1 through 6.0, and IBM Integrated Solutions Console (ISC) 6.0.1 do not properly set the IsSecurityEnabled security flag during migration of WebSphere Member Manager (WMM) to Virtual Member Manager (VMM) and a Federated Repository, which allows attackers to obtain sensitive information from repositories via unspecified vectors. IBM WebSphere Application Server (WAS) v6.1 a la v6.1.0.24 y v7.0 a la v7.0.0.4, IBM WebSphere Portal Server v5.1 a la v6.0, e IBM Integrated Solutions Console (ISC) v6.0.1, no establecen adecuadamente la opción de seguridad IsSecurityEnabled durante la migración de WebSphere Member Manager (WMM) a Virtual Member Manager (VMM) y a Federated Repository, lo que permite a atacantes obtener información sensible de los repositorios a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21375859 http://www-1.ibm.com/support/docview.wss?uid=swg1PK78134 http://www.securityfocus.com/bid/35406 https://exchange.xforce.ibmcloud.com/vulnerabilities/50882 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2008-5675
https://notcve.org/view.php?id=CVE-2008-5675
Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI." Vulnerabilidad inespecifica en IBM WebSphere Portal v6.0 anteriores a v6.0.1.5 tiene un impacto desconocido y vectores de ataque relacionados con "problemas de acceso con BasicAuthTAI". • http://secunia.com/advisories/33132 http://www-01.ibm.com/support/docview.wss?uid=swg27007603 http://www-1.ibm.com/support/docview.wss?uid=swg1PK75304 http://www.osvdb.org/50720 http://www.vupen.com/english/advisories/2008/3427 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2008-3423
https://notcve.org/view.php?id=CVE-2008-3423
IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors. IBM WebSphere Portal 5.1 hasta la 6.1.0.0 permite a atacantes remotos saltarse la autenticación y obtener acceso administrativo a través de vectores no especificados. • http://secunia.com/advisories/31443 http://www-1.ibm.com/support/docview.wss?uid=swg1PK67104 http://www.securityfocus.com/bid/30500 http://www.securitytracker.com/id?1020712 http://www.vupen.com/english/advisories/2008/2405 https://exchange.xforce.ibmcloud.com/vulnerabilities/44264 • CWE-264: Permissions, Privileges, and Access Controls •