CVE-2011-0679: Infoleak
First published: Fri Jan 28 2011(Updated: )
IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM WebSphere Portal | =6.0.1.3 | |
| IBM WebSphere Portal | =7.0.0.0 | |
| IBM WebSphere Portal | =6.1.5.0 | |
| IBM WebSphere Portal | =6.0.1.1 | |
| IBM WebSphere Portal | =6.0.1.4 | |
| IBM WebSphere Portal | =6.0.1.7 | |
| IBM WebSphere Portal | =6.1.0.2 | |
| IBM WebSphere Portal | =6.1.0.1 | |
| IBM WebSphere Portal | =6.0.1.5 | |
| IBM WebSphere Portal | =6.0.1.2 | |
| IBM WebSphere Portal | =6.1.0.3 | |
| IBM WebSphere Portal | =6.1.0.0 | |
| IBM WebSphere Portal | =6.0.1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM24320
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM25698
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM24319
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM22159
- http://www.ibm.com/support/docview.wss?uid=swg21460422
- http://secunia.com/advisories/43081
- http://www.securityfocus.com/bid/45989
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM22167
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM26397
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM25191
- http://osvdb.org/70688
- http://www.vupen.com/english/advisories/2011/0223
- http://www.kb.cert.org/vuls/id/375127
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64890
Frequently Asked Questions
What is the severity of CVE-2011-0679?
CVE-2011-0679 has been classified as a moderate severity vulnerability that could allow unauthorized access to sensitive information.
How do I fix CVE-2011-0679?
To mitigate CVE-2011-0679, you should apply the latest patches and updates provided by IBM for affected versions of WebSphere Portal.
Which versions of IBM WebSphere Portal are affected by CVE-2011-0679?
CVE-2011-0679 affects IBM WebSphere Portal versions from 6.0.1.1 through 7.0.0.0.
Can CVE-2011-0679 impact IBM Lotus WCM or IBM Lotus Quickr?
Yes, CVE-2011-0679 may also affect components associated with IBM Lotus Web Content Management and IBM Lotus Quickr when used with affected versions of IBM WebSphere Portal.
What type of attack does CVE-2011-0679 involve?
CVE-2011-0679 involves an attack where a remote attacker can exploit a modified message to gain access to sensitive information.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm websphere portal
- version/ibm websphere portal/6.0.1.3
- version/ibm websphere portal/7.0.0.0
- version/ibm websphere portal/6.1.5.0
- version/ibm websphere portal/6.0.1.1
- version/ibm websphere portal/6.0.1.4
- version/ibm websphere portal/6.0.1.7
- version/ibm websphere portal/6.1.0.2
- version/ibm websphere portal/6.1.0.1
- version/ibm websphere portal/6.0.1.5
- version/ibm websphere portal/6.0.1.2
- version/ibm websphere portal/6.1.0.3
- version/ibm websphere portal/6.1.0.0
- version/ibm websphere portal/6.0.1.6