CVE-2009-0906

IBM WebSphere Application Server SCA Feature Pack < 1.0.0.3 - Authenticated Authentication Bypass

Title source: llm

Description

The Service Component Architecture (SCA) feature pack for IBM WebSphere Application Server (WAS) SCA 1.0 before 1.0.0.3 allows remote authenticated users to bypass intended authentication.transport access restrictions and obtain unspecified access via unknown vectors.

References (4)

Core 4

Core References

Various Sources vendor-advisory x_refsource_aixapar

http://www-1.ibm.com/support/docview.wss?uid=swg1PK86047

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/52074

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/36306

Patch x_refsource_confirm

http://www-01.ibm.com/support/docview.wss?uid=swg27015429

Scores

EPSS 0.0120

EPSS Percentile 64.4%

Details

CWE

CWE-287

Status published

Products (2)

ibm/websphere_application_server 1.0

ibm/websphere_application_server 1.0.0.2

Published Aug 13, 2009

Tracked Since Feb 18, 2026