CVE-2010-2637
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not encrypt the username and password in the security parameters field, which allows remote attackers to obtain sensitive information by sniffing the network traffic from a .NET client application.
IBM WebSphere MQ v6.0 anterior v6.0.2.9 y v7.0 anterior v7.0.1.1 no encripta el nombre de usuarios y password en el campos de parámetros de seguridad, lo que permite a atacantes remotos a obtener información sensible por captura de tráfico de red desde una aplicación cliente .NET.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-07-06 CVE Reserved
- 2010-11-12 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27007069 | X_refsource_confirm | |
| http://www-01.ibm.com/support/docview.wss?uid=swg27014224 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/63114 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg1IZ56005 | 2017-08-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0 Search vendor "Ibm" for product "Websphere Mq" and version "6.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.0.0 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.0.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.1.0 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.1.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.1.1 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.1.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.0 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.1 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.2 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.3 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.4 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.5 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.6 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.6" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.7 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.7" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.8 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.8" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 6.0.2.10 Search vendor "Ibm" for product "Websphere Mq" and version "6.0.2.10" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 7.0 Search vendor "Ibm" for product "Websphere Mq" and version "7.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 7.0.0.1 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 7.0.0.2 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Mq Search vendor "Ibm" for product "Websphere Mq" | 7.0.1.0 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.0" | - |
Affected
| ||||||