CVE-2011-0679

CVSS V2 Medium 5 CVSS V3 None
Description
IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message."
Overview
  • CVE ID
  • CVE-2011-0679
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2011-01-28T21:00:31
  • Last Modified Date
  • 2017-08-17T01:33:41
Weakness Enumerations
CWE URL
CWE-200 http://cwe.mitre.org/data/definitions/200.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:ibm:websphere_portal:7.0.0.0:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:N/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
References
Reference URL Reference Tags
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24320
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25698
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24319
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22159
http://www.ibm.com/support/docview.wss?uid=swg21460422
http://secunia.com/advisories/43081 Vendor Advisory
http://www.securityfocus.com/bid/45989
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22167
http://www-01.ibm.com/support/docview.wss?uid=swg1PM26397
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25191
http://osvdb.org/70688
http://www.vupen.com/english/advisories/2011/0223
http://www.kb.cert.org/vuls/id/375127 US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/64890
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2011-0679
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0679
History
Created Old Value New Value Data Type Notes
2022-05-10 08:55:17 Added to TrackCVE