CVE-2010-1041 - OpenCVE

Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Db2 Content Manager

Configuration 1 [-]

OR	cpe:2.3:a:ibm:db2_content_manager::fp12::::::*
	cpe:2.3:a:ibm:db2_content_manager:8.3:::::::*
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp1::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp10::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp11::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp2::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp3::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp3a::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp4::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp5::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp6::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp7::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp8::::::
	cpe:2.3:a:ibm:db2_content_manager:8.3:fp9::::::

No data.

References

Link	Providers
http://secunia.com/advisories/39025
http://securitytracker.com/id?1023726
http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804
http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283
http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1
http://www.osvdb.org/63079
http://www.securityfocus.com/bid/38833
http://www.vupen.com/english/advisories/2010/0656

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-03-22T17:23:00Z

Updated: 2024-09-17T01:00:30.193Z

Reserved: 2010-03-22T00:00:00Z

Link: CVE-2010-1041

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2010-03-23T00:53:22.423

Modified: 2010-06-11T04:00:00.000

Link: CVE-2010-1041

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-03-22T17:23:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "63079", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/63079"}, {"name": "ADV-2010-0656", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0656"}, {"name": "PM03804", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1"}, {"name": "IO11283", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283"}, {"name": "1023726", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1023726"}, {"name": "39025", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39025"}, {"name": "38833", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38833"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-1041", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "63079", "refsource": "OSVDB", "url": "http://www.osvdb.org/63079"}, {"name": "ADV-2010-0656", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0656"}, {"name": "PM03804", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1"}, {"name": "IO11283", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283"}, {"name": "1023726", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023726"}, {"name": "39025", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39025"}, {"name": "38833", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38833"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:06:52.790Z"}, "title": "CVE Program Container", "references": [{"name": "63079", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/63079"}, {"name": "ADV-2010-0656", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0656"}, {"name": "PM03804", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1"}, {"name": "IO11283", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283"}, {"name": "1023726", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1023726"}, {"name": "39025", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39025"}, {"name": "38833", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38833"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-1041", "datePublished": "2010-03-22T17:23:00Z", "dateReserved": "2010-03-22T00:00:00Z", "dateUpdated": "2024-09-17T01:00:30.193Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:db2_content_manager:*:fp12:*:*:*:*:*:*", "matchCriteriaId": "8DFEDF5E-1F92-4B90-A843-8C5491A29E88", "versionEndIncluding": "8.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E1278F3-2B3C-42A3-9958-73051678B0A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp1:*:*:*:*:*:*", "matchCriteriaId": "51100D0C-2FAD-4F92-BD32-8E512B7B3814", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp10:*:*:*:*:*:*", "matchCriteriaId": "5F4FE449-FCE5-4CAB-B4F0-070F278263A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp11:*:*:*:*:*:*", "matchCriteriaId": "3832490C-20D2-4CF9-BACF-73F5F5F850BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp2:*:*:*:*:*:*", "matchCriteriaId": "1C097137-1CE2-4997-B45F-23A1D27538FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp3:*:*:*:*:*:*", "matchCriteriaId": "D6589EBD-D6A9-4501-B045-4D816E6B8597", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp3a:*:*:*:*:*:*", "matchCriteriaId": "F1840EDD-C956-4A07-B205-0C1C1D415804", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp4:*:*:*:*:*:*", "matchCriteriaId": "D49839A5-8122-40B4-82AA-966CBF54755C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp5:*:*:*:*:*:*", "matchCriteriaId": "CA3164C5-A76F-42C8-A534-2890A4479A78", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp6:*:*:*:*:*:*", "matchCriteriaId": "F84CAC84-1A5C-4382-BEEA-9651559AEE74", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp7:*:*:*:*:*:*", "matchCriteriaId": "27C244C2-8153-4732-850E-F5654AC014C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp8:*:*:*:*:*:*", "matchCriteriaId": "5925E5EE-897E-44FF-BF78-A8FE5B3BF1F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2_content_manager:8.3:fp9:*:*:*:*:*:*", "matchCriteriaId": "6DDF3A5A-B854-430F-8187-C1C7DEB5DA1A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in IBM DB2 Content Manager (CM) Toolkit 8.3 before FP13 on z/OS and DB2 Information Integrator for Content 8.3 before FP13 has unknown impact and remote attack vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la funcionalidad sing-on en la implementaci\u00f3n de Web Services en IBM DB2 Content Manager (CM) Toolkit v8.3 anteriores a FP13 en z/OS y DB2 Information Integrator para Content v8.3 anteriores a FP13, tiene un impacto y vectores de ataque desconocidos."}], "id": "CVE-2010-1041", "lastModified": "2010-06-11T04:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-03-23T00:53:22.423", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/39025"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1023726"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM03804"}, {"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IO11283"}, {"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018205&aid=1"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/63079"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/38833"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0656"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}