SQL Injection Vulnerability in IBM WebSphere Partner Gateway
CVE-2009-2093

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Partner Gateway
Vendor: CVE Published:; 13 August 2009

Summary

An SQL injection vulnerability exists in the console of various versions of IBM WebSphere Partner Gateway. This issue enables remote authenticated users to execute arbitrary SQL commands through unspecified vectors, potentially compromising the database integrity and exposing sensitive information.

References

http://www.vupen.com/english/advisories/2009/2292

vdb-entryx_refsource_VUPEN

http://www-1.ibm.com/support/docview.wss?uid=swg1JR32609

vendor-advisoryx_refsource_AIXAPAR

http://www-1.ibm.com/support/docview.wss?uid=swg1JR32608

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Aug 13, 2009
Vulnerability Reserved
Jun 16, 2009