1. CVE-Search
  2. CVE-2006-4137
ID CVE-2006-4137
Summary IBM WebSphere Application Server before 6.1.0.1 allows attackers to obtain sensitive information via unspecified vectors related to (1) the log file, (2) "script generated syntax on wsadmin command line," and (3) traces.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 08-03-2011 - 02:40)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
aixapar
  • PK27547
  • PK27857
  • PK28408
bid 19463
confirm http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951
secunia 21440
vupen ADV-2006-3262
Last major update 08-03-2011 - 02:40
Published 14-08-2006 - 23:04
Last modified 08-03-2011 - 02:40
Back to Top