CVE-2010-0770

Опубликовано: 01 апр. 2010

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote authenticated users to cause a denial of service (ORB ListenerThread hang) by aborting an SSL handshake.

Ссылки

http://secunia.com/advisories/39140
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PK93653
Patch
Vendor Advisory
http://www.securityfocus.com/bid/39056
https://exchange.xforce.ibmcloud.com/vulnerabilities/57182
http://secunia.com/advisories/39140
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PK93653
Patch
Vendor Advisory
http://www.securityfocus.com/bid/39056
https://exchange.xforce.ibmcloud.com/vulnerabilities/57182

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*

Версия до 6.0.2.39 (включая)

cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.15:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.17:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.19:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.21:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.23:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.25:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.27:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.29:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.31:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.33:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.35:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.0.2.37:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*

Версия до 6.1.0.29 (включая)

cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.25:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:6.1.0.27:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00514

Низкий

4 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

GHSA-fp84-6pq7-h5cw

github

почти 4 года назад

EPSS

Процентиль: 66%

0.00514

Низкий

4 Medium

CVSS2

Дефекты

CWE-399