What is the severity of CVE-2010-0785?

CVE-2010-0785 is classified as a moderate severity vulnerability due to its ability to hijack user authentication via cross-site request forgery.

How do I fix CVE-2010-0785?

To fix CVE-2010-0785, upgrade IBM WebSphere Application Server to version 6.1.0.35 or 7.0.0.13 or later.

What versions of IBM WebSphere Application Server are affected by CVE-2010-0785?

CVE-2010-0785 affects IBM WebSphere Application Server versions 6.1 prior to 6.1.0.35 and 7.0 prior to 7.0.0.13.

What type of vulnerability is CVE-2010-0785?

CVE-2010-0785 is a cross-site request forgery (CSRF) vulnerability.

Can CVE-2010-0785 be exploited remotely?

Yes, CVE-2010-0785 can be exploited remotely by attackers to hijack user authentication.

Vulnerability/
CVE-2010-0785

medium

CWE

352

9/11/2010

7/8/2024

CVE-2010-0785: CSRF

First published: Tue Nov 09 2010(Updated: )

Cross-site request forgery (CSRF) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.13 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.21
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.31
IBM WebSphere Application Server Feature Pack for Web Services	=6.1
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.19
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.33
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.25
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.11
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.9
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.27
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.29
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.7
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.17
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.15
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.23
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.12
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.9
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.4
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.11
IBM WebSphere Application Server Feature Pack for Web Services	=7.0
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.8
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.6
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.7
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.13
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-0785?
CVE-2010-0785 is classified as a moderate severity vulnerability due to its ability to hijack user authentication via cross-site request forgery.
How do I fix CVE-2010-0785?
To fix CVE-2010-0785, upgrade IBM WebSphere Application Server to version 6.1.0.35 or 7.0.0.13 or later.
What versions of IBM WebSphere Application Server are affected by CVE-2010-0785?
CVE-2010-0785 affects IBM WebSphere Application Server versions 6.1 prior to 6.1.0.35 and 7.0 prior to 7.0.0.13.
What type of vulnerability is CVE-2010-0785?
CVE-2010-0785 is a cross-site request forgery (CSRF) vulnerability.
Can CVE-2010-0785 be exploited remotely?
Yes, CVE-2010-0785 can be exploited remotely by attackers to hijack user authentication.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/ibm
canonical/ibm websphere application server feature pack for web services
version/ibm websphere application server feature pack for web services/6.1.0.21
version/ibm websphere application server feature pack for web services/6.1.0.31
version/ibm websphere application server feature pack for web services/6.1
version/ibm websphere application server feature pack for web services/6.1.0.19
version/ibm websphere application server feature pack for web services/6.1.0.2
version/ibm websphere application server feature pack for web services/6.1.0.33
version/ibm websphere application server feature pack for web services/6.1.0.25
version/ibm websphere application server feature pack for web services/6.1.0.11
version/ibm websphere application server feature pack for web services/6.1.0.9
version/ibm websphere application server feature pack for web services/6.1.0.0
version/ibm websphere application server feature pack for web services/6.1.0.1
version/ibm websphere application server feature pack for web services/6.1.0.27
version/ibm websphere application server feature pack for web services/6.1.0.29
version/ibm websphere application server feature pack for web services/6.1.0.7
version/ibm websphere application server feature pack for web services/6.1.0.3
version/ibm websphere application server feature pack for web services/6.1.0.17
version/ibm websphere application server feature pack for web services/6.1.0.15
version/ibm websphere application server feature pack for web services/6.1.0.23
version/ibm websphere application server feature pack for web services/6.1.0
version/ibm websphere application server feature pack for web services/6.1.0.5
version/ibm websphere application server feature pack for web services/6.1.0.12
version/ibm websphere application server feature pack for web services/7.0.0.2
version/ibm websphere application server feature pack for web services/7.0.0.5
version/ibm websphere application server feature pack for web services/7.0.0.9
version/ibm websphere application server feature pack for web services/7.0.0.4
version/ibm websphere application server feature pack for web services/7.0.0.11
version/ibm websphere application server feature pack for web services/7.0
version/ibm websphere application server feature pack for web services/7.0.0.8
version/ibm websphere application server feature pack for web services/7.0.0.6
version/ibm websphere application server feature pack for web services/7.0.0.7
version/ibm websphere application server feature pack for web services/7.0.0.13
version/ibm websphere application server feature pack for web services/7.0.0.3
version/ibm websphere application server feature pack for web services/7.0.0.1