CVE-2008-3235

Published Jul 21, 2008

Last updated a month ago

CVSS info 10.0

Overview

Description: Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-255

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66DB2053-6DFD-4FF6-A6E9-444281531E24"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31419896-89F7-43A2-8B7C-3B92744BBC46"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDA0FE3E-2FB7-415D-BC64-4B5157EABB21"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "559355CF-7FA8-4D90-8393-90C912F571C9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "355967D9-475A-49AF-A3FF-E0AC3668B289"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBE79CF3-16A3-40FB-BD7D-5D70DEB0EE09"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC04CE9C-82B4-4406-823A-69A5E13ECA49"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F6A5B3A-E57D-4574-A481-7EDA93664076"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "425890C2-FC96-4191-B512-6A3DB7BCE2D2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BABB4A4-182D-4FB1-88AD-B6D6EDAE10C8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CF8ED4D-D2B6-49EC-930A-16A78E729F17"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D8219D5-94D7-4E1B-BFA9-EF786FFD2C3C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA0C57F6-D011-47C1-B9DC-B1C3083FD28C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F8AFDEA-237C-40CA-AFC1-ED8D212FF867"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3067F0B0-2DCD-49EB-9727-7C3C7C99A11A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F215B48-7ED5-45EB-BD26-3D3EAD01506F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C47D1C56-238B-414B-B2D2-D7069E42D001"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "625B5901-B0AF-4D00-BC56-525A6F72943D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA32E836-172D-45BF-B911-9EA2B026E76C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79307DAB-2195-4324-AA40-A4AE98D01513"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References