CVE-2010-1348

Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://osvdb.org/63594
http://secunia.com/advisories/39305	Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PM08667	Patch Vendor Advisory
http://www.securityfocus.com/bid/39306
http://www.securitytracker.com/id?1023830
http://www.vupen.com/english/advisories/2010/0829	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/57613

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:websphere_portal:6.0.1.1:::::::*
	cpe:2.3:a:ibm:websphere_portal:6.1.0.0:::::::*
	cpe:2.3:a:ibm:websphere_portal:6.1.0.1:::::::*
	cpe:2.3:a:ibm:websphere_portal:6.1.0.2:::::::*

History

No history.

Information

Published : 2010-04-12 17:30

Updated : 2023-12-10 11:03

NVD link : CVE-2010-1348

Mitre link : CVE-2010-1348

CVE.ORG link : CVE-2010-1348

JSON object : View

Products Affected

ibm

websphere_portal

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-1348", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-04-12T17:30:00.570", "references": [{"url": "http://osvdb.org/63594", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/39305", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08667", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/39306", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1023830", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/0829", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57613", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors."}, {"lang": "es", "value": "Vulnerabilidad inespec\u00edfica en el proceso de inicio de sesi\u00f3n en IBM WebSphere Portal v6.0.1.1, y v6.1.0.x anteriores a v6.1.0.3 Cumulative Fix 03, tiene impacto y vectores desconocidos."}], "lastModified": "2017-08-17T01:32:21.007", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FC6A48A-E669-4AA0-AD83-85778A7B6C67"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E618064A-3D05-4DC6-9A47-0EDF2427642F"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DE74154-3E79-4D56-96C4-D8E644F1419D"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA915826-5D89-43E9-83E7-88973648302A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}