Back to search
CVE-2009-0899
Published: Jun 3, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere Portal Server 5.1 through 6.0, and IBM Integrated Solutions Console (ISC) 6.0.1 do not properly set the IsSecurityEnabled security flag during migration of WebSphere Member Manager (WMM) to Virtual Member Manager (VMM) and a Federated Repository, which allows attackers to obtain sensitive information from repositories via unspecified vectors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
35406
vdb-entry
x_refsource_BID
http://www-01.ibm.com/support/docview.wss?uid=swg21375859
x_refsource_CONFIRM
websphere-issecurityenabled-info-disclosure(50882)
vdb-entry
x_refsource_XF
PK78134
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now