CVE Vulnerabilities

CVE-2010-0769

Published: Apr 01, 2010 | Modified: Aug 17, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
1.9 LOW
AV:L/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 does not properly define wsadmin scripting J2CConnectionFactory objects, which allows local users to discover a KeyRingPassword password by reading a cleartext field in the resources.xml file.

Affected Software

Name Vendor Start Version End Version
Websphere_application_server Ibm * 6.0.2.39 (including)
Websphere_application_server Ibm 6.0 (including) 6.0 (including)
Websphere_application_server Ibm 6.0.0.2 (including) 6.0.0.2 (including)
Websphere_application_server Ibm 6.0.0.3 (including) 6.0.0.3 (including)
Websphere_application_server Ibm 6.0.1 (including) 6.0.1 (including)
Websphere_application_server Ibm 6.0.1.2 (including) 6.0.1.2 (including)
Websphere_application_server Ibm 6.0.2 (including) 6.0.2 (including)
Websphere_application_server Ibm 6.0.2.1 (including) 6.0.2.1 (including)
Websphere_application_server Ibm 6.0.2.3 (including) 6.0.2.3 (including)
Websphere_application_server Ibm 6.0.2.5 (including) 6.0.2.5 (including)
Websphere_application_server Ibm 6.0.2.7 (including) 6.0.2.7 (including)
Websphere_application_server Ibm 6.0.2.9 (including) 6.0.2.9 (including)
Websphere_application_server Ibm 6.0.2.11 (including) 6.0.2.11 (including)
Websphere_application_server Ibm 6.0.2.13 (including) 6.0.2.13 (including)
Websphere_application_server Ibm 6.0.2.15 (including) 6.0.2.15 (including)
Websphere_application_server Ibm 6.0.2.17 (including) 6.0.2.17 (including)
Websphere_application_server Ibm 6.0.2.19 (including) 6.0.2.19 (including)
Websphere_application_server Ibm 6.0.2.21 (including) 6.0.2.21 (including)
Websphere_application_server Ibm 6.0.2.23 (including) 6.0.2.23 (including)
Websphere_application_server Ibm 6.0.2.25 (including) 6.0.2.25 (including)
Websphere_application_server Ibm 6.0.2.27 (including) 6.0.2.27 (including)
Websphere_application_server Ibm 6.0.2.29 (including) 6.0.2.29 (including)
Websphere_application_server Ibm 6.0.2.31 (including) 6.0.2.31 (including)
Websphere_application_server Ibm 6.0.2.33 (including) 6.0.2.33 (including)
Websphere_application_server Ibm 6.0.2.35 (including) 6.0.2.35 (including)
Websphere_application_server Ibm 6.0.2.37 (including) 6.0.2.37 (including)

References