10
CVE-2010-3186
- EPSS 2.61%
- Veröffentlicht 30.08.2010 20:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:19
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and WebSphere Application Server Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, when a JAX-WS application is used, does not properly handle an IncludeTimestamp setting in the WS-Security policy, which has unspecified impact and remote attack vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Application Server Version7.0
Ibm ≫ Websphere Application Server Version7.0.0.1
Ibm ≫ Websphere Application Server Version7.0.0.2
Ibm ≫ Websphere Application Server Version7.0.0.3
Ibm ≫ Websphere Application Server Version7.0.0.4
Ibm ≫ Websphere Application Server Version7.0.0.5
Ibm ≫ Websphere Application Server Version7.0.0.6
Ibm ≫ Websphere Application Server Version7.0.0.7
Ibm ≫ Websphere Application Server Version7.0.0.9
Ibm ≫ Websphere Application Server Version7.0.0.10
Ibm ≫ Websphere Application Server Version7.0.0.11
Ibm ≫ Websphere Application Server Version6.1.0.9
Ibm ≫ Websphere Application Server Version6.1.0.10
Ibm ≫ Websphere Application Server Version6.1.0.11
Ibm ≫ Websphere Application Server Version6.1.0.12
Ibm ≫ Websphere Application Server Version6.1.0.13
Ibm ≫ Websphere Application Server Version6.1.0.14
Ibm ≫ Websphere Application Server Version6.1.0.15
Ibm ≫ Websphere Application Server Version6.1.0.16
Ibm ≫ Websphere Application Server Version6.1.0.17
Ibm ≫ Websphere Application Server Version6.1.0.18
Ibm ≫ Websphere Application Server Version6.1.0.19
Ibm ≫ Websphere Application Server Version6.1.0.20
Ibm ≫ Websphere Application Server Version6.1.0.21
Ibm ≫ Websphere Application Server Version6.1.0.22
Ibm ≫ Websphere Application Server Version6.1.0.23
Ibm ≫ Websphere Application Server Version6.1.0.24
Ibm ≫ Websphere Application Server Version6.1.0.25
Ibm ≫ Websphere Application Server Version6.1.0.26
Ibm ≫ Websphere Application Server Version6.1.0.27
Ibm ≫ Websphere Application Server Version6.1.0.29
Ibm ≫ Websphere Application Server Version6.1.0.31
Ibm ≫ Websphere Application Server Version6.1.0.32
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.61% | 0.834 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://osvdb.org/67570
http://secunia.com/advisories/41173
http://www-01.ibm.com/support/docview.wss?uid=swg1PM08360
http://www-01.ibm.com/support/docview.wss?uid=swg1PM16014
http://www-01.ibm.com/support/docview.wss?uid=swg21443736
http://www-01.ibm.com/support/docview.wss?uid=swg24027708
http://www-01.ibm.com/support/docview.wss?uid=swg24027709
http://www.vupen.com/english/advisories/2010/2215
https://exchange.xforce.ibmcloud.com/vulnerabilities/61435