5
CVE-2009-3106
- EPSS 0.11%
- Veröffentlicht 08.09.2009 22:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
The Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.37 does not properly implement security constraints on the (1) doGet and (2) doTrace methods, which allows remote attackers to bypass intended access restrictions and obtain sensitive information via a crafted HTTP HEAD request to a Web Application.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Application Server Version6.0.2
Ibm ≫ Websphere Application Server Version6.0.2 Editionfp17
Ibm ≫ Websphere Application Server Version6.0.2.1
Ibm ≫ Websphere Application Server Version6.0.2.2
Ibm ≫ Websphere Application Server Version6.0.2.3
Ibm ≫ Websphere Application Server Version6.0.2.4
Ibm ≫ Websphere Application Server Version6.0.2.5
Ibm ≫ Websphere Application Server Version6.0.2.6
Ibm ≫ Websphere Application Server Version6.0.2.7
Ibm ≫ Websphere Application Server Version6.0.2.8
Ibm ≫ Websphere Application Server Version6.0.2.9
Ibm ≫ Websphere Application Server Version6.0.2.10
Ibm ≫ Websphere Application Server Version6.0.2.11
Ibm ≫ Websphere Application Server Version6.0.2.12
Ibm ≫ Websphere Application Server Version6.0.2.13
Ibm ≫ Websphere Application Server Version6.0.2.14
Ibm ≫ Websphere Application Server Version6.0.2.15
Ibm ≫ Websphere Application Server Version6.0.2.16
Ibm ≫ Websphere Application Server Version6.0.2.17
Ibm ≫ Websphere Application Server Version6.0.2.18
Ibm ≫ Websphere Application Server Version6.0.2.19
Ibm ≫ Websphere Application Server Version6.0.2.20
Ibm ≫ Websphere Application Server Version6.0.2.21
Ibm ≫ Websphere Application Server Version6.0.2.22
Ibm ≫ Websphere Application Server Version6.0.2.23
Ibm ≫ Websphere Application Server Version6.0.2.24
Ibm ≫ Websphere Application Server Version6.0.2.25
Ibm ≫ Websphere Application Server Version6.0.2.27
Ibm ≫ Websphere Application Server Version6.0.2.28
Ibm ≫ Websphere Application Server Version6.0.2.29
Ibm ≫ Websphere Application Server Version6.0.2.30
Ibm ≫ Websphere Application Server Version6.0.2.31
Ibm ≫ Websphere Application Server Version6.0.2.32
Ibm ≫ Websphere Application Server Version6.0.2.33
Ibm ≫ Websphere Application Server Version6.0.2.35
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.267 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|