CVE-2008-0389

Unspecified vulnerability in the serveServletsByClassnameEnabled feature in IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.25, 6.1 through 6.1.0.14, and 5.1.1.x before 5.1.1.18 has unknown impact and attack vectors.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/28576	Vendor Advisory
http://secunia.com/advisories/29687	Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg24018067
http://www-1.ibm.com/support/docview.wss?uid=swg24018067
http://www-1.ibm.com/support/docview.wss?uid=swg27006879#51118
http://www.securityfocus.com/bid/27371	Patch
http://www.securitytracker.com/id?1019251
http://www.securitytracker.com/id?1019894
http://www.vupen.com/english/advisories/2008/0219	Vendor Advisory
http://www.vupen.com/english/advisories/2008/1133	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/39808
http://secunia.com/advisories/28576	Vendor Advisory
http://secunia.com/advisories/29687	Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg24018067
http://www-1.ibm.com/support/docview.wss?uid=swg24018067
http://www-1.ibm.com/support/docview.wss?uid=swg27006879#51118
http://www.securityfocus.com/bid/27371	Patch
http://www.securitytracker.com/id?1019251
http://www.securitytracker.com/id?1019894
http://www.vupen.com/english/advisories/2008/0219	Vendor Advisory
http://www.vupen.com/english/advisories/2008/1133	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/39808

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:websphere_application_server::::::::
	cpe:2.3:a:ibm:websphere_application_server:5.1.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.2:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.3:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.4:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.5:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.6:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.7:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.8:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.9:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.10:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.12:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.14:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.15:::::::*
	cpe:2.3:a:ibm:websphere_application_server:5.1.1.16:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2::fp17:::::
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.11:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.13:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.19:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.22:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.23:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.24:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.0.2.25:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.3:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.5:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.6:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.7:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.13:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.14:::::::*

History

21 Nov 2024, 00:41

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/28576 - Vendor Advisory~~	() http://secunia.com/advisories/28576 - Vendor Advisory
References	~~() http://secunia.com/advisories/29687 - Vendor Advisory~~	() http://secunia.com/advisories/29687 - Vendor Advisory
References	~~() http://www-1.ibm.com/support/docview.wss?uid=swg24018067 -~~	() http://www-1.ibm.com/support/docview.wss?uid=swg24018067 -
References	~~() http://www-1.ibm.com/support/docview.wss?uid=swg27006879#51118 -~~	() http://www-1.ibm.com/support/docview.wss?uid=swg27006879#51118 -
References	~~() http://www.securityfocus.com/bid/27371 - Patch~~	() http://www.securityfocus.com/bid/27371 - Patch
References	~~() http://www.securitytracker.com/id?1019251 -~~	() http://www.securitytracker.com/id?1019251 -
References	~~() http://www.securitytracker.com/id?1019894 -~~	() http://www.securitytracker.com/id?1019894 -
References	~~() http://www.vupen.com/english/advisories/2008/0219 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2008/0219 - Vendor Advisory
References	~~() http://www.vupen.com/english/advisories/2008/1133 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2008/1133 - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/39808 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/39808 -

Information

Published : 2008-01-23 02:00

Updated : 2025-04-09 00:30

NVD link : CVE-2008-0389

Mitre link : CVE-2008-0389

CVE.ORG link : CVE-2008-0389

JSON object : View

Products Affected

ibm

websphere_application_server

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-0389", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-01-23T02:00:00.000", "references": [{"url": "http://secunia.com/advisories/28576", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/29687", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24018067", "source": "cve@mitre.org"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24018067", "source": "cve@mitre.org"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27006879#51118", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/27371", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1019251", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1019894", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0219", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/1133", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39808", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28576", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/29687", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24018067", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24018067", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg27006879#51118", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/27371", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1019251", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1019894", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/0219", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/1133", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39808", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the serveServletsByClassnameEnabled feature in IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.25, 6.1 through 6.1.0.14, and 5.1.1.x before 5.1.1.18 has unknown impact and attack vectors."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en la funci\u00f3n serveServletsByClassnameEnabled en IBM WebSphere Application Server (WAS) versiones 6.0 hasta 6.0.2.25, versiones 6.1 hasta 6.1.0.14 y versiones 5.1.1.x anteriores a 5.1.1.18, presenta un impacto desconocido y vectores de ataque."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E42B3D6-7400-45D1-82D6-C187B5E50789", "versionEndIncluding": "5.1.1.17"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31419896-89F7-43A2-8B7C-3B92744BBC46"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDA0FE3E-2FB7-415D-BC64-4B5157EABB21"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "559355CF-7FA8-4D90-8393-90C912F571C9"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "355967D9-475A-49AF-A3FF-E0AC3668B289"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBE79CF3-16A3-40FB-BD7D-5D70DEB0EE09"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC04CE9C-82B4-4406-823A-69A5E13ECA49"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F6A5B3A-E57D-4574-A481-7EDA93664076"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "425890C2-FC96-4191-B512-6A3DB7BCE2D2"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BABB4A4-182D-4FB1-88AD-B6D6EDAE10C8"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CF8ED4D-D2B6-49EC-930A-16A78E729F17"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D8219D5-94D7-4E1B-BFA9-EF786FFD2C3C"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F8AFDEA-237C-40CA-AFC1-ED8D212FF867"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F215B48-7ED5-45EB-BD26-3D3EAD01506F"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C47D1C56-238B-414B-B2D2-D7069E42D001"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:5.1.1.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "625B5901-B0AF-4D00-BC56-525A6F72943D"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01F45BA3-6504-47AF-B757-7B6D3526FBF6"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE27E903-6D65-4D29-9583-43FB4CB473B1"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "714C405D-1E8F-45C1-8A09-5103F0080C76"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:fp17:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D592217D-3489-40AE-8338-BF5AA5BBA251"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7F31FD3-8681-4F07-9644-5CC87D512520"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "458BAD79-958E-4665-B1F8-0D46E0C57045"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC1A723F-D685-4FE5-8938-5682A2D02155"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9643B593-DADF-4F57-B41E-541C7F554A4C"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "521DB050-3C94-49BF-8666-6EC2C358AA27"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB4AB6BD-4439-4100-A3CE-4600AED10B65"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "375DF4AF-3C7C-47C3-BBB8-AF2B3827AC13"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F200042C-D45E-4CAD-BF6E-E3DADF4D1D21"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4421929D-C4B9-43C5-BE61-E68484D3B198"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB622117-C91F-47D2-9832-B7DB340796E8"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D65E0CC-FA8C-41FD-B256-47DB0C9757FC"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.0.2.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D87691D-0719-4447-B258-5FA2BD10F11A"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B9CDD56-921C-4FAF-87E2-14B91EC1A93D"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FFCD0A1-64B4-4AE7-8161-D8A71F9D6904"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C086B402-55AC-4913-A929-380EBC438988"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4FC14C3-5BFF-4F56-BBD2-3219E7151BF3"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40D5CB7D-BD01-4EF3-AF8B-100C200A4C23"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "736A02C8-784F-4CEE-BACF-C5C37E8930C0"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "200B6A88-EFBD-4935-9596-D8EF3BC24D32"}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20131F92-09B2-41D8-B5D9-38EFE6883EC0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

10.0 /10