IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 does not properly implement access control, which allows remote attackers to perform governance actions via unspecified API requests to an EJB interface.
References
Configurations
History
21 Nov 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/42742 - | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg1IZ72563 - | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg24026132 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/63640 - |
Information
Published : 2010-12-22 21:00
Updated : 2024-11-21 01:17
NVD link : CVE-2010-2644
Mitre link : CVE-2010-2644
CVE.ORG link : CVE-2010-2644
JSON object : View
Products Affected
ibm
- websphere_service_registry_and_repository
CWE
CWE-264
Permissions, Privileges, and Access Controls