CVE-2010-1041 - OpenCVE

Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Ibm	Db2 Content Manager

Configuration 1 [-]

OR	cpe:2.3:a:ibm:db2_content_manager::fp12::::::*
	cpe:2.3:a:ibm:db2_content_manager:8.3:::::::*
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp1::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp10::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp11::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp2::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp3::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp3a::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp4::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp5::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp6::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp7::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp8::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp9::::::

References

Link	Resource
http://secunia.com/advisories/39025	Vendor Advisory
http://securitytracker.com/id?1023726
http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804	Patch
http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283
http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1
http://www.osvdb.org/63079
http://www.securityfocus.com/bid/38833
http://www.vupen.com/english/advisories/2010/0656	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:21:01

Updated: 2022-10-03T16:21:01

Reserved: 2022-10-03T00:00:00

Link: CVE-2010-1041

JSON object: View

NVD Information

Status : Analyzed

Published: 2010-03-23T00:53:22.423

Modified: 2010-06-11T04:00:00.000

Link: CVE-2010-1041

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:21:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "63079", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/63079"}, {"name": "ADV-2010-0656", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0656"}, {"name": "PM03804", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1"}, {"name": "IO11283", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283"}, {"name": "1023726", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1023726"}, {"name": "39025", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39025"}, {"name": "38833", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38833"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-1041", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "63079", "refsource": "OSVDB", "url": "http://www.osvdb.org/63079"}, {"name": "ADV-2010-0656", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0656"}, {"name": "PM03804", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1"}, {"name": "IO11283", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283"}, {"name": "1023726", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023726"}, {"name": "39025", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39025"}, {"name": "38833", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38833"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-1041", "datePublished": "2022-10-03T16:21:01", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:21:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:db2_content_manager:*:fp12:*:*:*:*:*:*", "matchCriteriaId": "8DFEDF5E-1F92-4B90-A843-8C5491A29E88", "versionEndIncluding": "8.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E1278F3-2B3C-42A3-9958-73051678B0A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp1:*:*:*:*:*:*", "matchCriteriaId": "51100D0C-2FAD-4F92-BD32-8E512B7B3814", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp10:*:*:*:*:*:*", "matchCriteriaId": "5F4FE449-FCE5-4CAB-B4F0-070F278263A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp11:*:*:*:*:*:*", "matchCriteriaId": "3832490C-20D2-4CF9-BACF-73F5F5F850BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp2:*:*:*:*:*:*", "matchCriteriaId": "1C097137-1CE2-4997-B45F-23A1D27538FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp3:*:*:*:*:*:*", "matchCriteriaId": "D6589EBD-D6A9-4501-B045-4D816E6B8597", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp3a:*:*:*:*:*:*", "matchCriteriaId": "F1840EDD-C956-4A07-B205-0C1C1D415804", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp4:*:*:*:*:*:*", "matchCriteriaId": "D49839A5-8122-40B4-82AA-966CBF54755C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp5:*:*:*:*:*:*", "matchCriteriaId": "CA3164C5-A76F-42C8-A534-2890A4479A78", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp6:*:*:*:*:*:*", "matchCriteriaId": "F84CAC84-1A5C-4382-BEEA-9651559AEE74", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp7:*:*:*:*:*:*", "matchCriteriaId": "27C244C2-8153-4732-850E-F5654AC014C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp8:*:*:*:*:*:*", "matchCriteriaId": "5925E5EE-897E-44FF-BF78-A8FE5B3BF1F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp9:*:*:*:*:*:*", "matchCriteriaId": "6DDF3A5A-B854-430F-8187-C1C7DEB5DA1A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la funcionalidad sing-on en la implementaci\u00f3n de Web Services en IBM DB2 Content Manager (CM) Toolkit v8.3 anteriores a FP13 en z/OS y DB2 Information Integrator para Content v8.3 anteriores a FP13, tiene un impacto y vectores de ataque desconocidos."}], "id": "CVE-2010-1041", "lastModified": "2010-06-11T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-03-23T00:53:22.423", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39025"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1023726"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804"}, {"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283"}, {"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/63079"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/38833"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0656"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}