CVE-2009-0506

Опубликовано: 25 фев. 2009

Источник: nvd

CVSS2: 6.2

EPSS Низкий

Описание

Unspecified vulnerability in IBM WebSphere Application Server (WAS) 5.1 and 6.0.2 before 6.0.2.33 on z/OS, when CSIv2 Identity Assertion is enabled and Enterprise JavaBeans (EJB) interaction occurs between a WAS 6.1 instance and a WAS pre-6.1 instance, allows local users to have an unknown impact via vectors related to (1) use of the wrong subject and (2) multiple CBIND checks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:ibm:websphere_application_server:5.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.14:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.16:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.18:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.20:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.22:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.24:*:*:*:*:*:*:*

cpe:2.3:o:ibm:z\/os:*:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.0005

Низкий

6.2 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-vrfj-4vq5-9448

github

почти 4 года назад