CVE Vulnerabilities

CVE-2010-3700

Published: Oct 29, 2010 | Modified: Oct 10, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 through 1.0.7, as used in IBM WebSphere Application Server (WAS) 6.1 and 7.0, allows remote attackers to bypass security constraints via a path parameter.

Affected Software

Name Vendor Start Version End Version
Acegi-security Acegisecurity 1.0.0 (including) 1.0.0 (including)
Acegi-security Acegisecurity 1.0.1 (including) 1.0.1 (including)
Acegi-security Acegisecurity 1.0.2 (including) 1.0.2 (including)
Acegi-security Acegisecurity 1.0.3 (including) 1.0.3 (including)
Acegi-security Acegisecurity 1.0.4 (including) 1.0.4 (including)
Acegi-security Acegisecurity 1.0.5 (including) 1.0.5 (including)
Acegi-security Acegisecurity 1.0.6 (including) 1.0.6 (including)
Acegi-security Acegisecurity 1.0.7 (including) 1.0.7 (including)
Springsource_spring_security Vmware 2.0.0 (including) 2.0.0 (including)
Springsource_spring_security Vmware 2.0.1 (including) 2.0.1 (including)
Springsource_spring_security Vmware 2.0.2 (including) 2.0.2 (including)
Springsource_spring_security Vmware 2.0.3 (including) 2.0.3 (including)
Springsource_spring_security Vmware 2.0.4 (including) 2.0.4 (including)
Springsource_spring_security Vmware 2.0.5 (including) 2.0.5 (including)
Springsource_spring_security Vmware 3.0.0 (including) 3.0.0 (including)
Springsource_spring_security Vmware 3.0.1 (including) 3.0.1 (including)
Springsource_spring_security Vmware 3.0.2 (including) 3.0.2 (including)
Springsource_spring_security Vmware 3.0.3 (including) 3.0.3 (including)

References