4.6
CVE-2001-1189
- EPSS 0.33%
- Veröffentlicht 13.12.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:46
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Application Server Version3.0
Ibm ≫ Websphere Application Server Version3.0.2
Ibm ≫ Websphere Application Server Version3.0.2.1
Ibm ≫ Websphere Application Server Version3.0.2.2
Ibm ≫ Websphere Application Server Version3.0.2.3
Ibm ≫ Websphere Application Server Version3.0.2.4
Ibm ≫ Websphere Application Server Version3.5
Ibm ≫ Websphere Application Server Version3.5.1
Ibm ≫ Websphere Application Server Version3.5.2
Ibm ≫ Websphere Application Server Version3.5.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.241 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
http://www.iss.net/security_center/static/7698.php
http://www.securityfocus.com/archive/1/245324
http://www.securityfocus.com/bid/3682