CVE-2010-3700
published 2010-10-29CVE-2010-3700: VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 through 1.0.7, as used in IBM WebSphere Application Server…
medium5CVSS 3.1
AVNACLAuNCNIPAN
VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 through 1.0.7, as used in IBM WebSphere Application Server (WAS) 6.1 and 7.0, allows remote attackers to bypass security constraints via a path parameter.
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acegisecurity | acegi-security | — | — |
| acegisecurity | acegi-security | — | — |
| acegisecurity | acegi-security | — | — |
| acegisecurity | acegi-security | — | — |
| acegisecurity | acegi-security | — | — |
| acegisecurity | acegi-security | — | — |
| acegisecurity | acegi-security | — | — |
| acegisecurity | acegi-security | — | — |
| ibm | websphere_application_server | — | — |
| ibm | websphere_application_server | — | — |
| vmware | springsource_spring_security | — | — |
| vmware | springsource_spring_security | — | — |
| vmware | springsource_spring_security | — | — |
| vmware | springsource_spring_security | — | — |
| vmware | springsource_spring_security | — | — |
| vmware | springsource_spring_security | — | — |
| vmware | springsource_spring_security | — | — |
| vmware | springsource_spring_security | — | — |
| vmware | springsource_spring_security | — | — |
| vmware | springsource_spring_security | — | — |