2.1

CVE-2009-1173

EPSS 0.05%
Veröffentlicht 31.03.2009 14:09:53
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Websphere Application Server Version7.0

Ibm ≫ Websphere Application Server Version7.0.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.13

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:P/A:N

http://www-01.ibm.com/support/docview.wss?uid=swg27014463

Patch

http://secunia.com/advisories/34131

http://secunia.com/advisories/34461

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988

http://www.securityfocus.com/bid/34259

http://www.vupen.com/english/advisories/2009/0854

Patch

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590

https://nvd.nist.gov/vuln/detail/CVE-2009-1173

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-1173

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-1173

EUVD