CVE-2011-1312
Severity Score
4.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.31 and 7.x before 7.0.0.15 does not prevent modifications of the primary admin id, which allows remote authenticated administrators to bypass intended access restrictions by mapping a (1) user or (2) group to an administrator role.
El componente Administrative Console de IBM WebSphere Application Server (WAS) v6.1.0.x anterior a v6.1.0.31 y v7.x anteriores a v7.0.0.15 no impide que las modificaciones de la identificación del administrador principal, lo que permite a administradores remotos autenticados que eludan las restricciones de acceso previstas por asignación a un usuario mediante el mapeo a un rol de administrador de un (1) usuario o (2) grupo.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-03-08 CVE Reserved
- 2011-03-08 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27014463 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg1PK88606 | 2011-04-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.0 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.1 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.2 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.3 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.5 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.7 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.7" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.9 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.9" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.11 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.11" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.12 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.12" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.15 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.15" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.17 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.17" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.19 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.19" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.21 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.21" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.23 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.23" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.25 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.25" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.27 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.27" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 6.1.0.29 Search vendor "Ibm" for product "Websphere Application Server" and version "6.1.0.29" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.1 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.2 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.3 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.4 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.5 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.6 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.6" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.7 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.7" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.8 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.8" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.9 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.9" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.11 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.11" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Websphere Application Server Search vendor "Ibm" for product "Websphere Application Server" | 7.0.0.13 Search vendor "Ibm" for product "Websphere Application Server" and version "7.0.0.13" | - |
Affected
| ||||||