Vulnerability Details : CVE-2011-1307
The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standard filesystem operations, a different vulnerability than CVE-2009-1173.
Threat overview for CVE-2011-1307
Top countries where our scanners detected CVE-2011-1307
Top open port discovered on systems with this issue
9080
IPs affected by CVE-2011-1307 1,443
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2011-1307!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2011-1307
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-1307
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST |
CWE ids for CVE-2011-1307
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1307
-
http://www-01.ibm.com/support/docview.wss?uid=swg27014463
Fix list for IBM WebSphere Application Server V7.0
-
http://www.securityfocus.com/bid/46736
IBM WebSphere Application Server prior to 7.0.0.15 Multiple Security Vulnerabilities
-
http://www-01.ibm.com/support/docview.wss?uid=swg1PM20021
IBM notice: The page you requested cannot be displayed
-
http://www.vupen.com/english/advisories/2011/0564
Webmail | OVH- OVHVendor Advisory
Products affected by CVE-2011-1307
- cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.52:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.0.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.0.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.0.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:3.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.0.2.16:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.19:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.17:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.22:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.23:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.24:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.25:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:5.1.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.32:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.27:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.30:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.31:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.28:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.2.29:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.0.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.27:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.29:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.31:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:6.1.0.33:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*