CVE-2011-0679

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-0679
IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message."

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://osvdb.org/70688
http://secunia.com/advisories/43081 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22159
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22167
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24319
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24320
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25191
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25698
http://www-01.ibm.com/support/docview.wss?uid=swg1PM26397
http://www.ibm.com/support/docview.wss?uid=swg21460422
http://www.kb.cert.org/vuls/id/375127 US Government Resource
http://www.securityfocus.com/bid/45989
http://www.vupen.com/english/advisories/2011/0223
https://exchange.xforce.ibmcloud.com/vulnerabilities/64890
http://osvdb.org/70688
http://secunia.com/advisories/43081 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22159
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22167
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24319
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24320
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25191
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25698
http://www-01.ibm.com/support/docview.wss?uid=swg1PM26397
http://www.ibm.com/support/docview.wss?uid=swg21460422
http://www.kb.cert.org/vuls/id/375127 US Government Resource
http://www.securityfocus.com/bid/45989
http://www.vupen.com/english/advisories/2011/0223
https://exchange.xforce.ibmcloud.com/vulnerabilities/64890
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2011-01-28 21:00

Updated : 2025-04-11 00:51

NVD link : CVE-2011-0679

Mitre link : CVE-2011-0679

CVE.ORG link : CVE-2011-0679

JSON object : View

Products Affected

ibm

  • websphere_portal
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor