Vulnerability Details CVE-2003-1447
IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.7%
CVSS Severity
CVSS v2 Score 1.9
References
- http://securityreason.com/securityalert/3277
- http://www.securityfocus.com/archive/1/310118
- http://www.securityfocus.com/archive/1/310796
- http://www.securityfocus.com/bid/6758
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11245
- http://securityreason.com/securityalert/3277
- http://www.securityfocus.com/archive/1/310118
- http://www.securityfocus.com/archive/1/310796
- http://www.securityfocus.com/bid/6758
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11245
Products affected by CVE-2003-1447
-
cpe:2.3:a:ibm:websphere_application_server:4.0.4