NVD

Id
65151  
Name
CVE-2006-6607  
Description
The Java Key Store (JKS) for WebSphere Application Server (WAS) for IBM Tivoli Identity Manager (ITIM) 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods.  
Reject
 
CVSS Version
2  
CVSS Score
2.7  
Severity
Low  
CVSS Base Score
2.7  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
5.1  
CVSS Vector
(AV:A/AC:L/Au:S/C:P/I:N/A:N)  
Pub Date
2016-12-20  
Published
2006-12-17  
Modified Date
2011-03-07  
Seq
2006-6607  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
340147 65151 CVE-2006-6607 1017380  View
340148 65151 CVE-2006-6607 http://www-1.ibm.com/support/docview.wss?uid=swg21251069  View
340149 65151 CVE-2006-6607 21570  View
340150 65151 CVE-2006-6607 ADV-2006-4989  View
340151 65151 CVE-2006-6607 tivoli-truststorepassword-info-disclosure(30865)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
60321 JVNDB-2006-002587 WAS の JKS におけるパスワードを取得される脆弱性 IBM Tivoli Identity Manager (ITIM) 用の WebSphere Application Server (WAS) の Java Key Store (JKS) は、-Djavax.net.ssl.trustStorePassword コマンドライン変数内に JKS パスワードを配置するため、パスワードを取得される脆弱性が存在します。 CVE-2006-6607 22709 CVE-2006-6607 65151 2.7 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-002587.html 2006-12-17 2012-09-25 View