CVE-2007-6679 - Vulnerability Details - OpenCVE

Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Websphere Application Server

Configuration 1 [-]

OR	cpe:2.3:a:ibm:websphere_application_server::::::::
	cpe:2.3:a:ibm:websphere_application_server:6.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/28588
http://securitytracker.com/id?1019174
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951
http://www-1.ibm.com/support/docview.wss?uid=swg27006876
http://www-1.ibm.com/support/search.wss?rs=0&q=PK45768&apar=only
http://www.vupen.com/english/advisories/2007/3955
http://www.vupen.com/english/advisories/2008/0241

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-01-10T02:00:00

Updated: 2024-08-07T16:18:20.244Z

Reserved: 2008-01-09T00:00:00

Link: CVE-2007-6679

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-01-10T02:46:00.000

Modified: 2024-11-21T00:40:44.923

Link: CVE-2007-6679

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-11-21T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to \"security concerns with monitor role users.\" NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2008-01-16T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2007-3955", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/3955"}, {"name": "1019174", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1019174"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27006876"}, {"name": "ADV-2008-0241", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0241"}, {"name": "28588", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28588"}, {"name": "PK45768", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK45768&apar=only"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6679", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to \"security concerns with monitor role users.\" NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2007-3955", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3955"}, {"name": "1019174", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1019174"}, {"name": "http://www-1.ibm.com/support/docview.wss?uid=swg27006876", "refsource": "CONFIRM", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27006876"}, {"name": "ADV-2008-0241", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0241"}, {"name": "28588", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28588"}, {"name": "PK45768", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK45768&apar=only"}, {"name": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951", "refsource": "CONFIRM", "url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:18:20.244Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2007-3955", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/3955"}, {"name": "1019174", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1019174"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27006876"}, {"name": "ADV-2008-0241", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0241"}, {"name": "28588", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28588"}, {"name": "PK45768", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK45768&apar=only"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6679", "datePublished": "2008-01-10T02:00:00", "dateReserved": "2008-01-09T00:00:00", "dateUpdated": "2024-08-07T16:18:20.244Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "B6D01526-995E-4861-9A65-D71C6317872C", "versionEndIncluding": "6.0.2.24", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B9CDD56-921C-4FAF-87E2-14B91EC1A93D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FC6EB31-9707-408B-8BF5-66BD23441A75", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9B73E052-AF4F-4543-AA03-F5B1FA976EA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "23171B81-C991-467A-95A4-EDDAC59C37BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "2586C584-3258-414B-AB28-1EBA0DBD0B83", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "BCA175EA-EDC6-4228-8E28-E9BBC981E60A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "C6A4EC9D-98C2-40B0-BA40-4838FE8D1FF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "7AF5BB33-4E78-4123-8093-EBEE2F2B5598", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to \"security concerns with monitor role users.\" NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en la Consola Administrativa en IBM WebSphere Application Server versi\u00f3n 6.1 anterior a Fix Pack 13, presenta vectores de ataques e impactos desconocidos, relacionados a \"security concerns with monitor role users.\" NOTA: m\u00e1s tarde se report\u00f3 que las versi\u00f3n 6.0.2 anterior a Fix Pack 25 tambi\u00e9n esta afectado"}], "id": "CVE-2007-6679", "lastModified": "2024-11-21T00:40:44.923", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-01-10T02:46:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28588"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1019174"}, {"source": "cve@mitre.org", "url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951"}, {"source": "cve@mitre.org", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27006876"}, {"source": "cve@mitre.org", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK45768&apar=only"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3955"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0241"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28588"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1019174"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27006876"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK45768&apar=only"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/3955"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0241"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}