VYPR
Unrated severityNVD Advisory· Published May 4, 2011· Updated Jun 16, 2026

CVE-2011-1209

CVE-2011-1209

Description

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.17 uses a weak WS-Security XML encryption algorithm, which makes it easier for remote attackers to obtain plaintext data from a (1) JAX-RPC or (2) JAX-WS Web Services request via unspecified vectors related to a "decryption attack."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

47
  • cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*+ 46 more
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.22:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.24:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.25:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.27:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.29:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.31:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.32:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.33:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.35:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.37:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.14:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*
    • (no CPE)range: <6.1.0.39 (6.1.x); <7.0.0.17 (7.0.x)

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.