iscdeploy in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.43, 7.0 prior to 7.0.0.21, and 8.0 prior to 8.0.0.2 on the IBM i platform sets weak permissions under systemapps/isclite.ear/ and bin/client_ffdc/, which allows local users to read or modify files via standard filesystem operations.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm websphere application server 6.1 |
||
ibm websphere application server 6.1.0.1 |
||
ibm websphere application server 6.1.0.3 |
||
ibm websphere application server 6.1.0.5 |
||
ibm websphere application server 6.1.0.21 |
||
ibm websphere application server 6.1.0.23 |
||
ibm websphere application server 6.1.0.37 |
||
ibm websphere application server 6.1.0.39 |
||
ibm websphere application server 6.1.0.7 |
||
ibm websphere application server 6.1.0.9 |
||
ibm websphere application server 6.1.0.25 |
||
ibm websphere application server 6.1.0.27 |
||
ibm websphere application server 6.1.0.41 |
||
ibm websphere application server 6.1.0.11 |
||
ibm websphere application server 6.1.0.13 |
||
ibm websphere application server 6.1.0.29 |
||
ibm websphere application server 6.1.0.31 |
||
ibm websphere application server 6.1.0.15 |
||
ibm websphere application server 6.1.0.17 |
||
ibm websphere application server 6.1.0.19 |
||
ibm websphere application server 6.1.0.33 |
||
ibm websphere application server 6.1.0.35 |
||
ibm websphere application server 7.0.0.7 |
||
ibm websphere application server 7.0.0.9 |
||
ibm websphere application server 7.0.0.11 |
||
ibm websphere application server 7.0.0.13 |
||
ibm websphere application server 7.0 |
||
ibm websphere application server 7.0.0.1 |
||
ibm websphere application server 7.0.0.15 |
||
ibm websphere application server 7.0.0.17 |
||
ibm websphere application server 7.0.0.3 |
||
ibm websphere application server 7.0.0.5 |
||
ibm websphere application server 7.0.0.19 |
||
ibm websphere application server 8.0.0.1 |
||
ibm websphere application server 8.0 |