Unrated severityNVD Advisory· Published Feb 8, 2010· Updated Jun 16, 2026
CVE-2010-0563
CVE-2010-0563
Description
The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 does not recognize the Requires SSL configuration option, which might allow remote attackers to obtain sensitive information by sniffing network sessions that were expected to be encrypted.
Affected products
7cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
- (no CPE)range: 7.0.0.0 - 7.0.0.8
Patches
Vulnerability mechanics
References
6- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- secunia.com/advisories/38425nvdVendor Advisory
- securitytracker.com/idnvd
- www-1.ibm.com/support/docview.wssnvd
- www.osvdb.org/62140nvd
- www.securityfocus.com/bid/38122nvd
News mentions
0No linked articles in our index yet.