Search Results (Refine Search)
- CPE Product Version: cpe:/a:ibm:websphere_application_server:3.5.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-3232 |
Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "UserNameToken cache was improperly used." Published: June 27, 2006; 6:05:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2001-1189 |
IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script. Published: December 13, 2001; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2001-0962 |
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing. Published: September 19, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |