CVE-2009-0906

The Service Component Architecture (SCA) feature pack for IBM WebSphere Application Server (WAS) SCA 1.0 before 1.0.0.3 allows remote authenticated users to bypass intended authentication.transport access restrictions and obtain unspecified access via unknown vectors.

Published: Aug 13, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-0906
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
ibm / websphere_application_server	1.0	1.0.x
ibm / websphere_application_server	1.0.0.2	1.0.0.2.x

http://secunia.com/advisories/36306
http://www-01.ibm.com/support/docview.wss?uid=swg27015429
http://www-1.ibm.com/support/docview.wss?uid=swg1PK86047
https://exchange.xforce.ibmcloud.com/vulnerabilities/52074

Vulnerability Database

290,206

CVE-2009-0906