CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2008-5411
https://notcve.org/view.php?id=CVE-2008-5411
IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends SSL traffic over "unsecured TCP," which makes it easier for remote attackers to obtain sensitive information by sniffing the network. IBM WebSphere Application Server (WAS) 7 y versiones anteriores 7.0.0.1 que envía tráfico SSL sobre "TCP inseguro", el cual hace más fácil para usuarios remotos obtener información sensible, rastreando la red. • http://secunia.com/advisories/33022 http://www-01.ibm.com/support/docview.wss?uid=swg27014463 http://www-1.ibm.com/support/docview.wss?uid=swg1PK74777 http://www.securityfocus.com/bid/32679 http://www.vupen.com/english/advisories/2008/3370 https://exchange.xforce.ibmcloud.com/vulnerabilities/47135 • CWE-310: Cryptographic Issues •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2008-5414
https://notcve.org/view.php?id=CVE-2008-5414
Unspecified vulnerability in the Feature Pack for Web Services in the Web Services Security component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 has unknown impact and attack vectors related to "userNameToken." Vulnerabilidad sin especificar en el Feature Pack para Web Services en el componente Web Services Security en IBM WebSphere Application Server (WAS) 7 anterior a v7.0.0.1, tiene un impacto y vectores de ataque desconocidos, relacionados con "userNameToken". • http://secunia.com/advisories/33022 http://www-01.ibm.com/support/docview.wss?uid=swg27014463 http://www-1.ibm.com/support/docview.wss?uid=swg1PK67282 http://www.securityfocus.com/bid/32679 http://www.vupen.com/english/advisories/2008/3370 https://exchange.xforce.ibmcloud.com/vulnerabilities/47136 •