6.8
CVE-2010-3271
- EPSS 0.8%
- Published 18.07.2011 22:55:00
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka administrative console) in IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that disable certain security options via an Edit action to console/adminSecurityDetail.do followed by a save action to console/syncworkspace.do.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Websphere Application Server Version <= 7.0.0.13
Ibm ≫ Websphere Application Server Version2.0
Ibm ≫ Websphere Application Server Version3.0
Ibm ≫ Websphere Application Server Version3.0.2
Ibm ≫ Websphere Application Server Version3.0.2.1
Ibm ≫ Websphere Application Server Version3.0.2.2
Ibm ≫ Websphere Application Server Version3.0.2.3
Ibm ≫ Websphere Application Server Version3.0.2.4
Ibm ≫ Websphere Application Server Version3.0.21
Ibm ≫ Websphere Application Server Version3.5
Ibm ≫ Websphere Application Server Version3.5.1
Ibm ≫ Websphere Application Server Version3.5.2
Ibm ≫ Websphere Application Server Version3.5.3
Ibm ≫ Websphere Application Server Version3.52
Ibm ≫ Websphere Application Server Version4.0.1
Ibm ≫ Websphere Application Server Version4.0.2
Ibm ≫ Websphere Application Server Version4.0.3
Ibm ≫ Websphere Application Server Version4.0.4
Ibm ≫ Websphere Application Server Version5.0
Ibm ≫ Websphere Application Server Version5.0.0
Ibm ≫ Websphere Application Server Version5.0.1
Ibm ≫ Websphere Application Server Version5.0.2
Ibm ≫ Websphere Application Server Version5.0.2.1
Ibm ≫ Websphere Application Server Version5.0.2.2
Ibm ≫ Websphere Application Server Version5.0.2.3
Ibm ≫ Websphere Application Server Version5.0.2.4
Ibm ≫ Websphere Application Server Version5.0.2.5
Ibm ≫ Websphere Application Server Version5.0.2.6
Ibm ≫ Websphere Application Server Version5.0.2.7
Ibm ≫ Websphere Application Server Version5.0.2.8
Ibm ≫ Websphere Application Server Version5.0.2.9
Ibm ≫ Websphere Application Server Version5.0.2.10
Ibm ≫ Websphere Application Server Version5.0.2.11
Ibm ≫ Websphere Application Server Version5.0.2.12
Ibm ≫ Websphere Application Server Version5.0.2.13
Ibm ≫ Websphere Application Server Version5.0.2.14
Ibm ≫ Websphere Application Server Version5.0.2.15
Ibm ≫ Websphere Application Server Version5.0.2.16
Ibm ≫ Websphere Application Server Version5.1.0
Ibm ≫ Websphere Application Server Version5.1.0.2
Ibm ≫ Websphere Application Server Version5.1.0.3
Ibm ≫ Websphere Application Server Version5.1.0.4
Ibm ≫ Websphere Application Server Version5.1.0.5
Ibm ≫ Websphere Application Server Version5.1.1
Ibm ≫ Websphere Application Server Version5.1.1.1
Ibm ≫ Websphere Application Server Version5.1.1.2
Ibm ≫ Websphere Application Server Version5.1.1.3
Ibm ≫ Websphere Application Server Version5.1.1.4
Ibm ≫ Websphere Application Server Version5.1.1.5
Ibm ≫ Websphere Application Server Version5.1.1.6
Ibm ≫ Websphere Application Server Version5.1.1.7
Ibm ≫ Websphere Application Server Version5.1.1.8
Ibm ≫ Websphere Application Server Version5.1.1.9
Ibm ≫ Websphere Application Server Version5.1.1.10
Ibm ≫ Websphere Application Server Version5.1.1.11
Ibm ≫ Websphere Application Server Version5.1.1.12
Ibm ≫ Websphere Application Server Version5.1.1.13
Ibm ≫ Websphere Application Server Version5.1.1.14
Ibm ≫ Websphere Application Server Version5.1.1.15
Ibm ≫ Websphere Application Server Version5.1.1.16
Ibm ≫ Websphere Application Server Version5.1.1.17
Ibm ≫ Websphere Application Server Version6.0
Ibm ≫ Websphere Application Server Version6.0.0.1
Ibm ≫ Websphere Application Server Version6.0.0.2
Ibm ≫ Websphere Application Server Version6.0.0.3
Ibm ≫ Websphere Application Server Version6.0.1
Ibm ≫ Websphere Application Server Version6.0.1.1
Ibm ≫ Websphere Application Server Version6.0.1.2
Ibm ≫ Websphere Application Server Version6.0.1.3
Ibm ≫ Websphere Application Server Version6.0.1.5
Ibm ≫ Websphere Application Server Version6.0.1.7
Ibm ≫ Websphere Application Server Version6.0.1.9
Ibm ≫ Websphere Application Server Version6.0.1.11
Ibm ≫ Websphere Application Server Version6.0.1.13
Ibm ≫ Websphere Application Server Version6.0.1.15
Ibm ≫ Websphere Application Server Version6.0.1.17
Ibm ≫ Websphere Application Server Version6.0.2
Ibm ≫ Websphere Application Server Version6.0.2.1
Ibm ≫ Websphere Application Server Version6.0.2.2
Ibm ≫ Websphere Application Server Version6.0.2.3
Ibm ≫ Websphere Application Server Version6.0.2.4
Ibm ≫ Websphere Application Server Version6.0.2.5
Ibm ≫ Websphere Application Server Version6.0.2.6
Ibm ≫ Websphere Application Server Version6.0.2.7
Ibm ≫ Websphere Application Server Version6.0.2.9
Ibm ≫ Websphere Application Server Version6.0.2.11
Ibm ≫ Websphere Application Server Version6.0.2.13
Ibm ≫ Websphere Application Server Version6.0.2.15
Ibm ≫ Websphere Application Server Version6.0.2.17
Ibm ≫ Websphere Application Server Version6.0.2.19
Ibm ≫ Websphere Application Server Version6.0.2.22
Ibm ≫ Websphere Application Server Version6.0.2.23
Ibm ≫ Websphere Application Server Version6.0.2.24
Ibm ≫ Websphere Application Server Version6.0.2.25
Ibm ≫ Websphere Application Server Version6.0.2.27
Ibm ≫ Websphere Application Server Version6.0.2.28
Ibm ≫ Websphere Application Server Version6.0.2.29
Ibm ≫ Websphere Application Server Version6.0.2.30
Ibm ≫ Websphere Application Server Version6.0.2.31
Ibm ≫ Websphere Application Server Version6.0.2.32
Ibm ≫ Websphere Application Server Version6.1
Ibm ≫ Websphere Application Server Version6.1.0
Ibm ≫ Websphere Application Server Version6.1.0.0
Ibm ≫ Websphere Application Server Version6.1.0.1
Ibm ≫ Websphere Application Server Version6.1.0.2
Ibm ≫ Websphere Application Server Version6.1.0.3
Ibm ≫ Websphere Application Server Version6.1.0.5
Ibm ≫ Websphere Application Server Version6.1.0.7
Ibm ≫ Websphere Application Server Version6.1.0.9
Ibm ≫ Websphere Application Server Version6.1.0.11
Ibm ≫ Websphere Application Server Version6.1.0.12
Ibm ≫ Websphere Application Server Version6.1.0.15
Ibm ≫ Websphere Application Server Version6.1.0.17
Ibm ≫ Websphere Application Server Version6.1.0.19
Ibm ≫ Websphere Application Server Version6.1.0.21
Ibm ≫ Websphere Application Server Version6.1.0.23
Ibm ≫ Websphere Application Server Version6.1.0.25
Ibm ≫ Websphere Application Server Version6.1.0.27
Ibm ≫ Websphere Application Server Version6.1.0.29
Ibm ≫ Websphere Application Server Version6.1.0.31
Ibm ≫ Websphere Application Server Version6.1.0.33
Ibm ≫ Websphere Application Server Version6.1.1
Ibm ≫ Websphere Application Server Version6.1.3
Ibm ≫ Websphere Application Server Version6.1.5
Ibm ≫ Websphere Application Server Version6.1.6
Ibm ≫ Websphere Application Server Version6.1.7
Ibm ≫ Websphere Application Server Version6.1.13
Ibm ≫ Websphere Application Server Version6.1.14
Ibm ≫ Websphere Application Server Version7.0
Ibm ≫ Websphere Application Server Version7.0.0.1
Ibm ≫ Websphere Application Server Version7.0.0.2
Ibm ≫ Websphere Application Server Version7.0.0.3
Ibm ≫ Websphere Application Server Version7.0.0.4
Ibm ≫ Websphere Application Server Version7.0.0.5
Ibm ≫ Websphere Application Server Version7.0.0.6
Ibm ≫ Websphere Application Server Version7.0.0.7
Ibm ≫ Websphere Application Server Version7.0.0.8
Ibm ≫ Websphere Application Server Version7.0.0.9
Ibm ≫ Websphere Application Server Version7.0.0.11
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.8% | 0.73 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-352 Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.