IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 does not properly define wsadmin scripting J2CConnectionFactory objects, which allows local users to discover a KeyRingPassword password by reading a cleartext field in the resources.xml file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Websphere_application_server | Ibm | * | 6.0.2.39 (including) |
Websphere_application_server | Ibm | 6.0 (including) | 6.0 (including) |
Websphere_application_server | Ibm | 6.0.0.2 (including) | 6.0.0.2 (including) |
Websphere_application_server | Ibm | 6.0.0.3 (including) | 6.0.0.3 (including) |
Websphere_application_server | Ibm | 6.0.1 (including) | 6.0.1 (including) |
Websphere_application_server | Ibm | 6.0.1.2 (including) | 6.0.1.2 (including) |
Websphere_application_server | Ibm | 6.0.2 (including) | 6.0.2 (including) |
Websphere_application_server | Ibm | 6.0.2.1 (including) | 6.0.2.1 (including) |
Websphere_application_server | Ibm | 6.0.2.3 (including) | 6.0.2.3 (including) |
Websphere_application_server | Ibm | 6.0.2.5 (including) | 6.0.2.5 (including) |
Websphere_application_server | Ibm | 6.0.2.7 (including) | 6.0.2.7 (including) |
Websphere_application_server | Ibm | 6.0.2.9 (including) | 6.0.2.9 (including) |
Websphere_application_server | Ibm | 6.0.2.11 (including) | 6.0.2.11 (including) |
Websphere_application_server | Ibm | 6.0.2.13 (including) | 6.0.2.13 (including) |
Websphere_application_server | Ibm | 6.0.2.15 (including) | 6.0.2.15 (including) |
Websphere_application_server | Ibm | 6.0.2.17 (including) | 6.0.2.17 (including) |
Websphere_application_server | Ibm | 6.0.2.19 (including) | 6.0.2.19 (including) |
Websphere_application_server | Ibm | 6.0.2.21 (including) | 6.0.2.21 (including) |
Websphere_application_server | Ibm | 6.0.2.23 (including) | 6.0.2.23 (including) |
Websphere_application_server | Ibm | 6.0.2.25 (including) | 6.0.2.25 (including) |
Websphere_application_server | Ibm | 6.0.2.27 (including) | 6.0.2.27 (including) |
Websphere_application_server | Ibm | 6.0.2.29 (including) | 6.0.2.29 (including) |
Websphere_application_server | Ibm | 6.0.2.31 (including) | 6.0.2.31 (including) |
Websphere_application_server | Ibm | 6.0.2.33 (including) | 6.0.2.33 (including) |
Websphere_application_server | Ibm | 6.0.2.35 (including) | 6.0.2.35 (including) |
Websphere_application_server | Ibm | 6.0.2.37 (including) | 6.0.2.37 (including) |