Vulnerability CVE-2008-0402
Published: 2008-01-23   Modified: 2012-02-12

Description:
Unspecified vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 before Interim Fix 11 allows remote authenticated users to bypass intended access restrictions and delete unspecified repository resources via unknown vectors, even when they are not administrators or members of the repository's owning group.

CVSS2 => (AV:N/AC:M/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6/10
6.4/10
6.8/10
Exploit range
Attack complexity
Authentication
Remote
Medium
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
IBM -> Websphere business modeler 

 References:
http://www-1.ibm.com/support/docview.wss?uid=swg24018060
http://www-1.ibm.com/support/docview.wss?uid=swg24018061
http://www-1.ibm.com/support/search.wss?rs=0&q=JR28175&apar=only
http://www.securityfocus.com/bid/27389
http://www.securitytracker.com/id?1019252
http://www.vupen.com/english/advisories/2008/0254
https://exchange.xforce.ibmcloud.com/vulnerabilities/39830
Copyright 2024, cxsecurity.com

 

Back to Top