CVE-2012-0717Improper Authentication in IBM Websphere Application Server

CWE-287Improper Authentication3 documents3 sources
Severity
2.6LOWNVD
EPSS
0.1%
top 79.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Application Server
Timeline
PublishedJun 20
Latest updateMay 17

Description

IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client authentication is used, allows remote attackers to bypass X.509 client-certificate authentication via unspecified vectors.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-7p6q-pp8g-mmjw: IBM WebSphere Application Server 72022-05-17
CVEList
CVE-2012-0717: IBM WebSphere Application Server 72012-06-20
CVE-2012-0717 — Improper Authentication in IBM | cvebase