CVE-2007-6679
First published: Thu Jan 10 2008(Updated: )
Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 before Fix Pack 13 has unknown impact and attack vectors, related to "security concerns with monitor role users." NOTE: it was later reported that 6.0.2 before Fix Pack 25 is also affected.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.2 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.11 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.9 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.1 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.7 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.3 | |
| IBM WebSphere Application Server Feature Pack for Web Services | <=6.0.2.24 | |
| IBM WebSphere Application Server Feature Pack for Web Services | =6.1.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/28588
- http://securitytracker.com/id?1019174
- http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg27007951
- http://www-1.ibm.com/support/docview.wss?uid=swg27006876
- http://www-1.ibm.com/support/search.wss?rs=0&q=PK45768&apar=only
- http://www.vupen.com/english/advisories/2007/3955
- http://www.vupen.com/english/advisories/2008/0241
Frequently Asked Questions
What is the severity of CVE-2007-6679?
The severity of CVE-2007-6679 is currently unspecified due to unknown impact and attack vectors.
How do I fix CVE-2007-6679?
To fix CVE-2007-6679, you should upgrade to IBM WebSphere Application Server version 6.1 Fix Pack 13 or later.
Which versions of IBM WebSphere Application Server are affected by CVE-2007-6679?
CVE-2007-6679 affects IBM WebSphere Application Server versions 6.0.2 before Fix Pack 25 and 6.1 before Fix Pack 13.
What is the nature of the vulnerability identified as CVE-2007-6679?
CVE-2007-6679 is related to security concerns with monitor role users in the Administrative Console.
Is there a workaround for CVE-2007-6679?
There are no specific workarounds recommended for CVE-2007-6679; updating the software is advised.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm websphere application server feature pack for web services
- version/ibm websphere application server feature pack for web services/6.1
- version/ibm websphere application server feature pack for web services/6.1.0.2
- version/ibm websphere application server feature pack for web services/6.1.0.11
- version/ibm websphere application server feature pack for web services/6.1.0.9
- version/ibm websphere application server feature pack for web services/6.1.0.1
- version/ibm websphere application server feature pack for web services/6.1.0.7
- version/ibm websphere application server feature pack for web services/6.1.0.3
- version/ibm websphere application server feature pack for web services/6.0.2.24
- version/ibm websphere application server feature pack for web services/6.1.0.5