CVE Vulnerability

CVE-2008-0402

Unspecified vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 before Interim Fix 11 allows remote authenticated users to bypass intended access restrictions and delete unspecified repository resources via unknown vectors, even when they are not administrators or members of the repository's owning group.

6 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 6.8 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://www-1.ibm.com/support/docview.wss?uid=swg24018060 Patch
http://www-1.ibm.com/support/docview.wss?uid=swg24018061 Patch
http://www-1.ibm.com/support/search.wss?rs=0&q=JR28175&apar=only
http://www.securityfocus.com/bid/27389
http://www.securitytracker.com/id?1019252
http://secunia.com/advisories/28586 Vendor Advisory
http://www.vupen.com/english/advisories/2008/0254
https://exchange.xforce.ibmcloud.com/vulnerabilities/39830
Configurations

Configuration 1

cpe:2.3:a:ibm:websphere_business_modeler:6.0.2_1:*:basic:*:*:*:*:*
cpe:2.3:a:ibm:websphere_business_modeler:6.0.2_1:*:advanced:*:*:*:*:*
Information

Published : 2008-01-23 12:00

Updated : 2017-08-08 01:29

NVD link : CVE-2008-0402

Mitre link : CVE-2008-0402

Products Affected
No products.
CWE
CWE-264