CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0CVE-2008-3235
https://notcve.org/view.php?id=CVE-2008-3235
Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors. Vulnerabilidad sin especificar en la Utilidad PropFilePasswordEncoder del componente Security en IBM WebSphere Application Server (WAS) 5.1 anterior a 5.1.1.19 tiene un impacto y vectores de ataque desconocidos. • http://secunia.com/advisories/31149 http://www-1.ibm.com/support/docview.wss?uid=swg1PK61436 http://www-1.ibm.com/support/docview.wss?uid=swg27006879 http://www.securityfocus.com/bid/30280 http://www.securitytracker.com/id?1020528 http://www.vupen.com/english/advisories/2008/2140/references • CWE-255: Credentials Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 0CVE-2008-3236
https://notcve.org/view.php?id=CVE-2008-3236
Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 allows attackers to obtain sensitive information via vectors related to "previously encrypted properties" that are not encrypted. Vulnerabilidad sin especificar en Wsadmin en el cmponente System Management/Repository en IBM WebSphere Application Server (WAS) 5.1 anterior a 5.1.1.19, permite a atacantes remotos obtener información sensible a través de vectores relacionados con "propiedades previamente encriptadas" que no están encriptadas. • http://secunia.com/advisories/31149 http://secunia.com/advisories/31892 http://www-01.ibm.com/support/docview.wss?uid=swg27007951 http://www-1.ibm.com/support/docview.wss?uid=swg1PK61941 http://www-1.ibm.com/support/docview.wss?uid=swg27006879 http://www.vupen.com/english/advisories/2008/2140 http://www.vupen.com/english/advisories/2008/2566 https://exchange.xforce.ibmcloud.com/vulnerabilities/45123 • CWE-310: Cryptographic Issues •
CVSS: 5.0EPSS: 0%CPEs: 19EXPL: 0CVE-2008-2550
https://notcve.org/view.php?id=CVE-2008-2550
Unspecified vulnerability in the Web Services Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.17 has unknown impact and attack vectors related to an attribute in the SOAP security header. Vulnerabilidad sin especificar del componente Web Services Security en Web Services Security (WAS) versiones 6.1 anteriores a la 6.1.0.17 tiene un impacto desconocido y vectores de ataque relacionados con un atributo de la cabecera de seguridad SOAP. • http://secunia.com/advisories/30526 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951 http://www-1.ibm.com/support/docview.wss?uid=swg1PK61315 http://www.securitytracker.com/id?1020168 http://www.vupen.com/english/advisories/2008/1734 https://exchange.xforce.ibmcloud.com/vulnerabilities/42822 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2008-0741
https://notcve.org/view.php?id=CVE-2008-0741
Unspecified vulnerability in the PropFilePasswordEncoder utility in IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) has unknown impact and attack vectors. Vulnerabilidad sin especificar en la utilidad PropFilePasswordEncoder de IBM WebSphere Application Server (WAS) antes de 6.0.2 Fix Pack 25 (6.0.2.25). El impacto y los vectores de ataque son desconocidos. • http://secunia.com/advisories/28588 http://securitytracker.com/id?1019254 http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK52709&uid=swg1PK58871&loc=en_US&cs=utf-8&lang= http://www-1.ibm.com/support/docview.wss?uid=swg27006876 http://www.securityfocus.com/bid/27400 http://www.vupen.com/english/advisories/2008/0241 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-0740
https://notcve.org/view.php?id=CVE-2008-0740
IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) and 6.1 before Fix Pack 15 (6.1.0.15) writes unspecified cleartext information to http_plugin.log, which might allow local users to obtain sensitive information by reading this file. IBM WebSphere Application Server (WAS) versiones anteriores a 6.0.2 Fix Pack 25 (6.0.2.25) escribe información sin especificar en texto claro en http_plugin.log, lo cual permite a usuarios locales obtener información sensible leyendo ese fichero. • http://osvdb.org/42878 http://www-1.ibm.com/support/docview.wss?uid=swg1PK48785 http://www-1.ibm.com/support/docview.wss?uid=swg27006876 http://www-1.ibm.com/support/docview.wss?uid=swg27007951 http://www.securityfocus.com/bid/27400 http://www.vupen.com/english/advisories/2008/0241 • CWE-264: Permissions, Privileges, and Access Controls •