CyberSec.Space Logo
Back to CVE Browser

CVE-2006-2430

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1340%
EPSS Percentile2.19th
PublishedMay 17, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.

Affected Platforms (CPE)

πŸ“¦
Ibm

Websphere Application Server

= 5.0.0
πŸ“¦
Ibm

Websphere Application Server

= 5.0.1
πŸ“¦
Ibm

Websphere Application Server

= 5.0.2
πŸ“¦
Ibm

Websphere Application Server

= 5.1.0
πŸ“¦
Ibm

Websphere Application Server

= 5.1.1
πŸ“¦
Ibm

Websphere Application Server

= 6.0.2
πŸ“¦
Ibm

Websphere Application Server

= 6.0.2.1
πŸ“¦
Ibm

Websphere Application Server

= 6.0.2.2
πŸ“¦
Ibm

Websphere Application Server

= 6.0.2.3
πŸ“¦
Ibm

Websphere Application Server

= 6.0.2.4
πŸ“¦
Ibm

Websphere Application Server

= 6.0.2.5
πŸ“¦
Ibm

Websphere Application Server

= 6.0.2.6
πŸ“¦
Ibm

Websphere Application Server

= 6.0.2.7

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html
πŸ”— http://secunia.com/advisories/20032
πŸ”— http://securityreason.com/securityalert/910
πŸ”— http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK16492&uid=swg1PK22416&loc=en_US&cs=utf-8&lang=
πŸ”— http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773
πŸ”— http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009
πŸ”— http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064
πŸ”— http://www-1.ibm.com/support/search.wss?rs=0&q=PK16492&apar=only

Related Vulnerabilities

CVE-2006-242910.0

Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and...

CVE-2006-243310.0

Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and...

CVE-2000-084810.0

Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Hos...

CVE-2006-323210.0

Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "U...