{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-04-06T00:00:00", "descriptions": [{"lang": "en", "value": "IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not encrypt the username and password in the security parameters field, which allows remote attackers to obtain sensitive information by sniffing the network traffic from a .NET client application."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007069"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"name": "wmq-net-pass-info-disclosure(63114)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63114"}, {"name": "IZ56005", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ56005"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2637", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not encrypt the username and password in the security parameters field, which allows remote attackers to obtain sensitive information by sniffing the network traffic from a .NET client application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27007069", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007069"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"name": "wmq-net-pass-info-disclosure(63114)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63114"}, {"name": "IZ56005", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ56005"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:39:37.667Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007069"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"name": "wmq-net-pass-info-disclosure(63114)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63114"}, {"name": "IZ56005", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ56005"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2637", "datePublished": "2010-11-12T20:00:00", "dateReserved": "2010-07-06T00:00:00", "dateUpdated": "2024-08-07T02:39:37.667Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6D2279B-482A-4CA6-9EF2-C57A95969BC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9728448F-E295-4C33-B2F4-17FAAFCDF169", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F36C644-664C-4758-9762-E808C80AE904", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9C670A3F-7BBB-4115-A037-B5E732ABB6BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "24CD8F97-39E0-455C-92CA-F0FE9AE5A0CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C97EC1D0-CA59-4E2C-84EB-054BF27D1BCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CCD33A5-6567-43CB-909D-D1851ACF4AA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3664585-D0B4-467C-9B6D-4F8E239F7DCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "C2216808-BAE9-4034-9618-5EC4CCB80E7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "B6263B9D-A62A-4E41-958A-968F9ACA0CE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "19983CDF-4769-4B56-98ED-CE7EE0C1AFF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "9377F533-15D0-4F81-B7C1-A84E5346EF6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "86A87B5A-D0B8-4F49-A655-CC5AC737782F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:6.0.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "AFF09F4C-9F56-4931-8839-044491B5FA40", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "594287A4-AF30-4872-A5B8-1421FAB5C674", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "896273C9-11F9-45A0-BA46-66F37DFACCC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF396289-8409-4FE2-96DB-99818D5680B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6E60ABB-E703-4745-98F3-22609FF70F6F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not encrypt the username and password in the security parameters field, which allows remote attackers to obtain sensitive information by sniffing the network traffic from a .NET client application."}, {"lang": "es", "value": "IBM WebSphere MQ v6.0 anterior v6.0.2.9 y v7.0 anterior v7.0.1.1 no encripta el nombre de usuarios y password en el campos de par\u00e1metros de seguridad, lo que permite a atacantes remotos a obtener informaci\u00f3n sensible por captura de tr\u00e1fico de red desde una aplicaci\u00f3n cliente .NET. \r\n\r\n"}], "id": "CVE-2010-2637", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-11-12T21:00:01.283", "references": [{"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ56005"}, {"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007069"}, {"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63114"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ56005"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007069"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63114"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}