1.9

CVE-2010-1651

IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x before 7.0.0.11, when Basic authentication and SIP tracing (aka full trace logging for SIP) are enabled, logs the entirety of all inbound and outbound SIP messages, which allows local users to obtain sensitive information by reading the trace log.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmWebsphere Application Server Version6.1.0.0
IbmWebsphere Application Server Version6.1.0.1
IbmWebsphere Application Server Version6.1.0.2
IbmWebsphere Application Server Version6.1.0.3
IbmWebsphere Application Server Version6.1.0.4
IbmWebsphere Application Server Version6.1.0.5
IbmWebsphere Application Server Version6.1.0.6
IbmWebsphere Application Server Version6.1.0.7
IbmWebsphere Application Server Version6.1.0.8
IbmWebsphere Application Server Version6.1.0.9
IbmWebsphere Application Server Version6.1.0.10
IbmWebsphere Application Server Version6.1.0.11
IbmWebsphere Application Server Version6.1.0.12
IbmWebsphere Application Server Version6.1.0.13
IbmWebsphere Application Server Version6.1.0.14
IbmWebsphere Application Server Version6.1.0.15
IbmWebsphere Application Server Version6.1.0.16
IbmWebsphere Application Server Version6.1.0.17
IbmWebsphere Application Server Version6.1.0.18
IbmWebsphere Application Server Version6.1.0.19
IbmWebsphere Application Server Version6.1.0.20
IbmWebsphere Application Server Version6.1.0.21
IbmWebsphere Application Server Version6.1.0.22
IbmWebsphere Application Server Version6.1.0.23
IbmWebsphere Application Server Version6.1.0.24
IbmWebsphere Application Server Version6.1.0.25
IbmWebsphere Application Server Version6.1.0.26
IbmWebsphere Application Server Version6.1.0.27
IbmWebsphere Application Server Version6.1.0.29
IbmWebsphere Application Server Version6.1.13
IbmWebsphere Application Server Version6.1.14
IbmWebsphere Application Server Version7.0.0.1
IbmWebsphere Application Server Version7.0.0.3
IbmWebsphere Application Server Version7.0.0.5
IbmWebsphere Application Server Version7.0.0.7
IbmWebsphere Application Server Version7.0.0.9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.33% 0.245
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 1.9 3.4 2.9
AV:L/AC:M/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/39628
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247
Patch
http://secunia.com/advisories/40096
http://www-01.ibm.com/support/docview.wss?uid=swg1PM15829
http://www.vupen.com/english/advisories/2010/1411
http://www-01.ibm.com/support/docview.wss?uid=swg1PM08892
http://www.osvdb.org/65437
https://exchange.xforce.ibmcloud.com/vulnerabilities/58324