CVE-2010-1041 : Unspecified vulnerability in the single sign-on functionality in the Web Service

Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors.

Published 2010-03-23 00:53:22

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2010-1041

IBM » Db2 Content Manager » Update Fp12
Versions up to, including, (<=) 8.3
cpe:2.3:a:ibm:db2_content_manager:*:fp12:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update Fp10
cpe:2.3:a:ibm:db2_content_manager:8.3:fp10:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update FP8
cpe:2.3:a:ibm:db2_content_manager:8.3:fp8:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update FP2
cpe:2.3:a:ibm:db2_content_manager:8.3:fp2:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3
cpe:2.3:a:ibm:db2_content_manager:8.3:*:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update FP6
cpe:2.3:a:ibm:db2_content_manager:8.3:fp6:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update FP5
cpe:2.3:a:ibm:db2_content_manager:8.3:fp5:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update FP4
cpe:2.3:a:ibm:db2_content_manager:8.3:fp4:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update Fp3a
cpe:2.3:a:ibm:db2_content_manager:8.3:fp3a:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update Fp11
cpe:2.3:a:ibm:db2_content_manager:8.3:fp11:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update FP9
cpe:2.3:a:ibm:db2_content_manager:8.3:fp9:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update FP7
cpe:2.3:a:ibm:db2_content_manager:8.3:fp7:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update FP3
cpe:2.3:a:ibm:db2_content_manager:8.3:fp3:*:*:*:*:*:*
Matching versions
IBM » Db2 Content Manager » Version: 8.3 Update FP1
cpe:2.3:a:ibm:db2_content_manager:8.3:fp1:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2010-1041

EPSS FAQ

2.20%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 83 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2010-1041

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2010-1041

http://secunia.com/advisories/39025

Sign in
Vendor Advisory
http://securitytracker.com/id?1023726

IBM DB2 Content Manager Web Services Single Sign-on Flaw Has Unspecified Impact - SecurityTracker
http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804

IBM notice: The page you requested cannot be displayed
Patch
http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283

IBM notice: The page you requested cannot be displayed
http://www.securityfocus.com/bid/38833

IBM DB2 Content Manager Web Services Unspecified Vulnerability
http://www.vupen.com/english/advisories/2010/0656

Webmail | OVH- OVH
Vendor Advisory
http://www.osvdb.org/63079

404 Not Found
http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1

IBM notice: The page you requested cannot be displayed

Jump to

Vulnerability Details : CVE-2010-1041

Products affected by CVE-2010-1041

Exploit prediction scoring system (EPSS) score for CVE-2010-1041

CVSS scores for CVE-2010-1041

References for CVE-2010-1041