NVD

Id
8177  
Name
CVE-2011-1209  
Description
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.17 uses a weak WS-Security XML encryption algorithm, which makes it easier for remote attackers to obtain plaintext data from a (1) JAX-RPC or (2) JAX-WS Web Services request via unspecified vectors related to a "decryption attack."  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-07  
Published
2011-05-04  
Modified Date
2011-05-31  
Seq
2011-1209  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
47038 8177 CVE-2011-1209 PM34841  View
47039 8177 CVE-2011-1209 http://www-01.ibm.com/support/docview.wss?uid=swg24029632  View
47040 8177 CVE-2011-1209 was-xmlencryption-weak-security(67115)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
31474 JVNDB-2011-001714 IBM WebSphere Application Server の暗号化アルゴリズムにおける脆弱性 IBM WebSphere Application Server (WAS) は、XML 暗号化アルゴリズムに対し、脆弱な WS-Security を使用するため、リクエストに含まれるプレーンテキストデータを取得される脆弱性が存在します。 CVE-2011-1209 49116 CVE-2011-1209 8177 4.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001714.html 2011-04-15 2011-08-15 View