Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
- EPSS 0.22%
- Veröffentlicht 20.02.2013 12:09:22
- Zuletzt bearbeitet 11.04.2025 00:51:21
IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2 does not validate Basic Authentication credentials before proceeding to WS-Addressing and WS-Security operations, which allows remote attackers to trigger tr...
6.9
CVE-2012-3317
- EPSS 0.06%
- Veröffentlicht 05.12.2012 11:57:14
- Zuletzt bearbeitet 11.04.2025 00:51:21
IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment (JRE) files, which might allow local users to gain privileges by leveraging access to...
2.1
CVE-2009-0503
- EPSS 0.06%
- Veröffentlicht 13.02.2009 17:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a database connection password to the Event Log and System Log during exception handling for a JDBC error, which allows local users to obtain sensitive information by reading these logs.