CVE-2008-3236 — IBM Websphere Application Server vulnerability

CWE-3103 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.5%

top 33.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Application Server

Timeline

PublishedJul 21

Latest updateMay 1

Description

Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 allows attackers to obtain sensitive information via vectors related to "previously encrypted properties" that are not encrypted.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/websphere_application_server20 versions+19

🔴Vulnerability Details

GHSA

GHSA-qf3r-58m2-px2j: Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 5↗2022-05-01

▶

CVEList

CVE-2008-3236: Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 5↗2008-07-21

▶