CVE-2006-6136

Severity

99%

Complexity

99%

Confidentiality

165%

IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors.

IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 18 years ago

2006-11-28 02:07:00

Last updated 13 years ago

2011-03-08 02:45:00

Affected Software

IBM WebSphere Application Server 6.1.0

6.1.0

References

23028

21204

ADV-2006-4639

http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24013830

http://www-1.ibm.com/support/docview.wss?uid=swg27007951

Patch

PK29847

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.