1. Home
  2. CVE Database
  3. CVE-2008-7274
MEDIUM · 4.3

CVE-2008-7274

IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2)...

Vulnerability Description

IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2) providing an empty password.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
IbmWebsphere Application Server6.1.0.9

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2008-7274?

CVE-2008-7274 is a vulnerability with a CVSS score of 4.3 (MEDIUM). IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by (1) not providing a password or (2)...

How severe is CVE-2008-7274?

CVE-2008-7274 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-7274?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Application Server.