VYPR
Unrated severityNVD Advisory· Published Feb 8, 2010· Updated Jun 16, 2026

CVE-2010-0563

CVE-2010-0563

Description

The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers to obtain sensitive information by sniffing network sessions that were expected to be encrypted.

Affected products

7
  • cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
    • (no CPE)range: 7.0.0.0 - 7.0.0.8

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.