CVE-2011-0316
12.01.2011, 01:00
The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets, which allows remote attackers to obtain potentially sensitive status information via a direct request.Enginsight
Vendor | Product | Version |
---|---|---|
ibm | websphere_application_server | 6.1 |
ibm | websphere_application_server | 6.1.0 |
ibm | websphere_application_server | 6.1.0.0 |
ibm | websphere_application_server | 6.1.0.1 |
ibm | websphere_application_server | 6.1.0.2 |
ibm | websphere_application_server | 6.1.0.3 |
ibm | websphere_application_server | 6.1.0.5 |
ibm | websphere_application_server | 6.1.0.7 |
ibm | websphere_application_server | 6.1.0.9 |
ibm | websphere_application_server | 6.1.0.11 |
ibm | websphere_application_server | 6.1.0.12 |
ibm | websphere_application_server | 6.1.0.13 |
ibm | websphere_application_server | 6.1.0.15 |
ibm | websphere_application_server | 6.1.0.17 |
ibm | websphere_application_server | 6.1.0.19 |
ibm | websphere_application_server | 6.1.0.21 |
ibm | websphere_application_server | 6.1.0.23 |
ibm | websphere_application_server | 6.1.0.25 |
ibm | websphere_application_server | 6.1.0.27 |
ibm | websphere_application_server | 6.1.0.29 |
ibm | websphere_application_server | 6.1.0.31 |
ibm | websphere_application_server | 6.1.0.33 |
ibm | websphere_application_server | 7.0 |
ibm | websphere_application_server | 7.0.0.1 |
ibm | websphere_application_server | 7.0.0.2 |
ibm | websphere_application_server | 7.0.0.3 |
ibm | websphere_application_server | 7.0.0.4 |
ibm | websphere_application_server | 7.0.0.5 |
ibm | websphere_application_server | 7.0.0.6 |
ibm | websphere_application_server | 7.0.0.7 |
ibm | websphere_application_server | 7.0.0.8 |
ibm | websphere_application_server | 7.0.0.9 |
ibm | websphere_application_server | 7.0.0.11 |
ibm | websphere_application_server | 7.0.0.13 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References