CVE-2009-0906

medium

Description

The Service Component Architecture (SCA) feature pack for IBM WebSphere Application Server (WAS) SCA 1.0 before 1.0.0.3 allows remote authenticated users to bypass intended authentication.transport access restrictions and obtain unspecified access via unknown vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/52074

http://www-1.ibm.com/support/docview.wss?uid=swg1PK86047

http://www-01.ibm.com/support/docview.wss?uid=swg27015429

http://secunia.com/advisories/36306

Details

Source: Mitre, NVD

Published: 2009-08-13

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00336