Unrated severityNVD Advisory· Published Aug 13, 2009· Updated Apr 23, 2026

CVE-2009-0906

Description

The Service Component Architecture (SCA) feature pack for IBM WebSphere Application Server (WAS) SCA 1.0 before 1.0.0.3 allows remote authenticated users to bypass intended authentication.transport access restrictions and obtain unspecified access via unknown vectors.

Affected products

IBM/Websphere Application Server2 versions
cpe:2.3:a:ibm:websphere_application_server:1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:websphere_application_server:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:1.0.0.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www-01.ibm.com/support/docview.wssnvdPatch
secunia.com/advisories/36306nvdVendor Advisory
www-1.ibm.com/support/docview.wssnvd
exchange.xforce.ibmcloud.com/vulnerabilities/52074nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000