CVE-2010-2644

EUVD-2010-2648
IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 does not properly implement access control, which allows remote attackers to perform governance actions via unspecified API requests to an EJB interface.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_service_registry_and_repository
7.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/42742
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ72563
http://www-01.ibm.com/support/docview.wss?uid=swg24026132
https://exchange.xforce.ibmcloud.com/vulnerabilities/63640
http://secunia.com/advisories/42742
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ72563
http://www-01.ibm.com/support/docview.wss?uid=swg24026132
https://exchange.xforce.ibmcloud.com/vulnerabilities/63640