Access Control Vulnerability in IBM WebSphere Service Registry and Repository
CVE-2010-2644

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Service Registry And Repository
Vendor: CVE Published:; 22 December 2010

Summary

An access control vulnerability exists in IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 prior to Fix Pack 1, allowing remote attackers to conduct unauthorized governance actions. This vulnerability arises from inadequate implementation of access controls, which can be exploited through unspecified API requests interfacing with the EJB layer. As a result, attackers could manipulate registry functionalities, jeopardizing the integrity and security of the services offered.

References

http://www-01.ibm.com/support/docview.wss?uid=swg24026132

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/63640

vdb-entryx_refsource_XF

http://secunia.com/advisories/42742

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Dec 22, 2010
Vulnerability Reserved
Jul 6, 2010