5

CVE-2011-0679

IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmWebsphere Portal Version6.0.1.1
IbmWebsphere Portal Version6.0.1.2
IbmWebsphere Portal Version6.0.1.3
IbmWebsphere Portal Version6.0.1.4
IbmWebsphere Portal Version6.0.1.5
IbmWebsphere Portal Version6.0.1.6
IbmWebsphere Portal Version6.0.1.7
IbmWebsphere Portal Version6.1.0.0
IbmWebsphere Portal Version6.1.0.1
IbmWebsphere Portal Version6.1.0.2
IbmWebsphere Portal Version6.1.0.3
IbmWebsphere Portal Version6.1.5.0
IbmWebsphere Portal Version7.0.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.84% 0.888
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://osvdb.org/70688
http://secunia.com/advisories/43081
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22159
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22167
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24319
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24320
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25191
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25698
http://www-01.ibm.com/support/docview.wss?uid=swg1PM26397
http://www.ibm.com/support/docview.wss?uid=swg21460422
http://www.kb.cert.org/vuls/id/375127
US Government Resource
http://www.securityfocus.com/bid/45989
http://www.vupen.com/english/advisories/2011/0223
https://exchange.xforce.ibmcloud.com/vulnerabilities/64890