IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends SSL traffic over "unsecured TCP," which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
References
Configurations
History
21 Nov 2024, 00:54
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/33022 - Patch, Vendor Advisory | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg27014463 - Patch | |
References | () http://www-1.ibm.com/support/docview.wss?uid=swg1PK74777 - | |
References | () http://www.securityfocus.com/bid/32679 - Patch | |
References | () http://www.vupen.com/english/advisories/2008/3370 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/47135 - |
Information
Published : 2008-12-10 00:30
Updated : 2024-11-21 00:54
NVD link : CVE-2008-5411
Mitre link : CVE-2008-5411
CVE.ORG link : CVE-2008-5411
JSON object : View
Products Affected
ibm
- websphere_application_server
CWE
CWE-310
Cryptographic Issues