PT-2009-4546 · Ibm · Ibm Websphere Partner Gateway (Wpg) Enterprise
Publicado
2009-08-13
·
Atualizado
2017-08-17
·
CVE-2009-2093
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
IBM WebSphere Partner Gateway (WPG) Enterprise versions 6.0 through 6.0 before FP8
IBM WebSphere Partner Gateway (WPG) Enterprise versions 6.1 through 6.1 before FP3
IBM WebSphere Partner Gateway (WPG) Enterprise versions 6.1.1 through 6.1.1 before FP2
IBM WebSphere Partner Gateway (WPG) Enterprise versions 6.2 through 6.2 before FP1
Description
The issue allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, which can lead to unauthorized access and manipulation of data.
Recommendations
For IBM WebSphere Partner Gateway (WPG) Enterprise version 6.0, update to FP8 or later.
For IBM WebSphere Partner Gateway (WPG) Enterprise version 6.1, update to FP3 or later.
For IBM WebSphere Partner Gateway (WPG) Enterprise version 6.1.1, update to FP2 or later.
For IBM WebSphere Partner Gateway (WPG) Enterprise version 6.2, update to FP1 or later.
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Websphere Partner Gateway (Wpg) Enterprise