CVE Vulnerabilities

CVE-2011-0316

Published: Jan 12, 2011 | Modified: Aug 17, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets, which allows remote attackers to obtain potentially sensitive status information via a direct request.

Affected Software

Name Vendor Start Version End Version
Websphere_application_server Ibm 6.1.0.21 6.1.0.21
Websphere_application_server Ibm 6.1.0.31 6.1.0.31
Websphere_application_server Ibm 6.1 6.1
Websphere_application_server Ibm 6.1.0.19 6.1.0.19
Websphere_application_server Ibm 6.1.0.2 6.1.0.2
Websphere_application_server Ibm 6.1.0.33 6.1.0.33
Websphere_application_server Ibm 6.1.0.25 6.1.0.25
Websphere_application_server Ibm 6.1.0.11 6.1.0.11
Websphere_application_server Ibm 6.1.0.9 6.1.0.9
Websphere_application_server Ibm 6.1.0.0 6.1.0.0
Websphere_application_server Ibm 6.1.0.1 6.1.0.1
Websphere_application_server Ibm 6.1.0.27 6.1.0.27
Websphere_application_server Ibm 6.1.0.29 6.1.0.29
Websphere_application_server Ibm 6.1.0.7 6.1.0.7
Websphere_application_server Ibm 6.1.0.3 6.1.0.3
Websphere_application_server Ibm 6.1.0.17 6.1.0.17
Websphere_application_server Ibm 6.1.0.13 6.1.0.13
Websphere_application_server Ibm 6.1.0.15 6.1.0.15
Websphere_application_server Ibm 6.1.0.23 6.1.0.23
Websphere_application_server Ibm 6.1.0 6.1.0
Websphere_application_server Ibm 6.1.0.5 6.1.0.5
Websphere_application_server Ibm 6.1.0.12 6.1.0.12

References