2.1

CVE-2009-1173

EPSS 0.05%
Published 31.03.2009 14:09:53
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 uses weak permissions (777) for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used.

Affected products Warnungen 0 Metrics 2 CWE 0 References 10

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Websphere Application Server Version7.0

Ibm ≫ Websphere Application Server Version7.0.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.13

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:P/A:N

http://www-01.ibm.com/support/docview.wss?uid=swg27014463

Patch

http://secunia.com/advisories/34131

http://secunia.com/advisories/34461

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1PK82988

http://www.securityfocus.com/bid/34259

http://www.vupen.com/english/advisories/2009/0854

Patch

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1PK77590

https://nvd.nist.gov/vuln/detail/CVE-2009-1173

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-1173

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-1173

EUVD