CVE-2010-1348

Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=swg1PM08667	Patch Vendor Advisory
http://secunia.com/advisories/39305	Vendor Advisory
http://www.vupen.com/english/advisories/2010/0829	Patch Vendor Advisory
http://www.securityfocus.com/bid/39306
http://osvdb.org/63594
http://www.securitytracker.com/id?1023830
https://exchange.xforce.ibmcloud.com/vulnerabilities/57613

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:websphere_portal:6.1.0.0:::::::*
	cpe:2.3:a:ibm:websphere_portal:6.1.0.1:::::::*
	cpe:2.3:a:ibm:websphere_portal:6.0.1.1:::::::*
	cpe:2.3:a:ibm:websphere_portal:6.1.0.2:::::::*

Information

Published : 2010-04-12 10:30

Updated : 2017-08-16 18:32

NVD link : CVE-2010-1348

Mitre link : CVE-2010-1348

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

ibm

websphere_portal

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08667", "name": "PM08667", "tags": ["Patch", "Vendor Advisory"], "refsource": "AIXAPAR"}, {"url": "http://secunia.com/advisories/39305", "name": "39305", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2010/0829", "name": "ADV-2010-0829", "tags": ["Patch", "Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.securityfocus.com/bid/39306", "name": "39306", "tags": [], "refsource": "BID"}, {"url": "http://osvdb.org/63594", "name": "63594", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.securitytracker.com/id?1023830", "name": "1023830", "tags": [], "refsource": "SECTRACK"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57613", "name": "websphere-login-unspecified(57613)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-1348", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "acInsufInfo": true, "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-04-12T17:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:32Z"}

7.5 /10