Page 8 of 62 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends SSL traffic over "unsecured TCP," which makes it easier for remote attackers to obtain sensitive information by sniffing the network. IBM WebSphere Application Server (WAS) 7 y versiones anteriores 7.0.0.1 que envía tráfico SSL sobre "TCP inseguro", el cual hace más fácil para usuarios remotos obtener información sensible, rastreando la red. • http://secunia.com/advisories/33022 http://www-01.ibm.com/support/docview.wss?uid=swg27014463 http://www-1.ibm.com/support/docview.wss?uid=swg1PK74777 http://www.securityfocus.com/bid/32679 http://www.vupen.com/english/advisories/2008/3370 https://exchange.xforce.ibmcloud.com/vulnerabilities/47135 • CWE-310: Cryptographic Issues •

CVSS: 5.0EPSS: 0%CPEs: 19EXPL: 0

Unspecified vulnerability in the Web Services Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.17 has unknown impact and attack vectors related to an attribute in the SOAP security header. Vulnerabilidad sin especificar del componente Web Services Security en Web Services Security (WAS) versiones 6.1 anteriores a la 6.1.0.17 tiene un impacto desconocido y vectores de ataque relacionados con un atributo de la cabecera de seguridad SOAP. • http://secunia.com/advisories/30526 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951 http://www-1.ibm.com/support/docview.wss?uid=swg1PK61315 http://www.securitytracker.com/id?1020168 http://www.vupen.com/english/advisories/2008/1734 https://exchange.xforce.ibmcloud.com/vulnerabilities/42822 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) and 6.1 before Fix Pack 15 (6.1.0.15) writes unspecified cleartext information to http_plugin.log, which might allow local users to obtain sensitive information by reading this file. IBM WebSphere Application Server (WAS) versiones anteriores a 6.0.2 Fix Pack 25 (6.0.2.25) escribe información sin especificar en texto claro en http_plugin.log, lo cual permite a usuarios locales obtener información sensible leyendo ese fichero. • http://osvdb.org/42878 http://www-1.ibm.com/support/docview.wss?uid=swg1PK48785 http://www-1.ibm.com/support/docview.wss?uid=swg27006876 http://www-1.ibm.com/support/docview.wss?uid=swg27007951 http://www.securityfocus.com/bid/27400 http://www.vupen.com/english/advisories/2008/0241 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in the PropFilePasswordEncoder utility in IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) has unknown impact and attack vectors. Vulnerabilidad sin especificar en la utilidad PropFilePasswordEncoder de IBM WebSphere Application Server (WAS) antes de 6.0.2 Fix Pack 25 (6.0.2.25). El impacto y los vectores de ataque son desconocidos. • http://secunia.com/advisories/28588 http://securitytracker.com/id?1019254 http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK52709&uid=swg1PK58871&loc=en_US&cs=utf-8&lang= http://www-1.ibm.com/support/docview.wss?uid=swg27006876 http://www.securityfocus.com/bid/27400 http://www.vupen.com/english/advisories/2008/0241 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 1%CPEs: 40EXPL: 0

Unspecified vulnerability in the serveServletsByClassnameEnabled feature in IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.25, 6.1 through 6.1.0.14, and 5.1.1.x before 5.1.1.18 has unknown impact and attack vectors. Una vulnerabilidad no especificada en la función serveServletsByClassnameEnabled en IBM WebSphere Application Server (WAS) versiones 6.0 hasta 6.0.2.25, versiones 6.1 hasta 6.1.0.14 y versiones 5.1.1.x anteriores a 5.1.1.18, presenta un impacto desconocido y vectores de ataque. • http://secunia.com/advisories/28576 http://secunia.com/advisories/29687 http://www-1.ibm.com/support/docview.wss?uid=swg24018067 http://www-1.ibm.com/support/docview.wss?uid=swg27006879#51118 http://www.securityfocus.com/bid/27371 http://www.securitytracker.com/id?1019251 http://www.securitytracker.com/id?1019894 http://www.vupen.com/english/advisories/2008/0219 http://www.vupen.com/english/advisories/2008/1133 https://exchange.xforce.ibmcloud.com/vulnerabilities/39808 •