CVE-2011-0679

IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message."

Published: Jan 28, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-0679
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
ibm / websphere_portal	6.0.1.3	6.0.1.3.x
ibm / websphere_portal	7.0.0.0	7.0.0.0.x
ibm / websphere_portal	6.1.5.0	6.1.5.0.x
ibm / websphere_portal	6.0.1.1	6.0.1.1.x
ibm / websphere_portal	6.0.1.4	6.0.1.4.x
ibm / websphere_portal	6.0.1.7	6.0.1.7.x
ibm / websphere_portal	6.1.0.2	6.1.0.2.x
ibm / websphere_portal	6.1.0.1	6.1.0.1.x
ibm / websphere_portal	6.0.1.5	6.0.1.5.x
ibm / websphere_portal	6.0.1.2	6.0.1.2.x
ibm / websphere_portal	6.1.0.3	6.1.0.3.x
ibm / websphere_portal	6.1.0.0	6.1.0.0.x
ibm / websphere_portal	6.0.1.6	6.0.1.6.x

http://osvdb.org/70688
http://secunia.com/advisories/43081
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22159
http://www-01.ibm.com/support/docview.wss?uid=swg1PM22167
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24319
http://www-01.ibm.com/support/docview.wss?uid=swg1PM24320
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25191
http://www-01.ibm.com/support/docview.wss?uid=swg1PM25698
http://www-01.ibm.com/support/docview.wss?uid=swg1PM26397
http://www.ibm.com/support/docview.wss?uid=swg21460422
http://www.kb.cert.org/vuls/id/375127
http://www.securityfocus.com/bid/45989
http://www.vupen.com/english/advisories/2011/0223
https://exchange.xforce.ibmcloud.com/vulnerabilities/64890

Vulnerability Database

289,697

CVE-2011-0679