CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-2430

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1340%
EPSS Percentile2.19th
Published2006年5月17日
Last Modified2026年4月16日

Vulnerability Description

IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.

Affected Platforms (CPE)

📦
Ibm

Websphere Application Server

= 5.0.0
📦
Ibm

Websphere Application Server

= 5.0.1
📦
Ibm

Websphere Application Server

= 5.0.2
📦
Ibm

Websphere Application Server

= 5.1.0
📦
Ibm

Websphere Application Server

= 5.1.1
📦
Ibm

Websphere Application Server

= 6.0.2
📦
Ibm

Websphere Application Server

= 6.0.2.1
📦
Ibm

Websphere Application Server

= 6.0.2.2
📦
Ibm

Websphere Application Server

= 6.0.2.3
📦
Ibm

Websphere Application Server

= 6.0.2.4
📦
Ibm

Websphere Application Server

= 6.0.2.5
📦
Ibm

Websphere Application Server

= 6.0.2.6
📦
Ibm

Websphere Application Server

= 6.0.2.7

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html
🔗 http://secunia.com/advisories/20032
🔗 http://securityreason.com/securityalert/910
🔗 http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK16492&uid=swg1PK22416&loc=en_US&cs=utf-8&lang=
🔗 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773
🔗 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009
🔗 http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064
🔗 http://www-1.ibm.com/support/search.wss?rs=0&q=PK16492&apar=only

関連する脆弱性情報

CVE-2006-242910.0

Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and...

CVE-2006-243310.0

Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and...

CVE-2000-084810.0

Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Hos...

CVE-2006-323210.0

Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "U...