AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2010-0774: The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations in IBM WebSphere Application Server (WAS) 6.0 bef

infovulnerability

security

Source: NVD/CVE DatabaseMay 17, 2010CVE-2010-0774

Summary

IBM WebSphere Application Server (WAS, a Java application server platform) versions 6.0, 6.1, and 7.0 contain a vulnerability in how they handle WebServices PKCS#7 and PKIPath tokens (digital security credentials used to verify identity). This flaw allows remote attackers (people accessing the system from the internet) to bypass access restrictions that should protect the system.

Vulnerability Details

CVSS Score

4.3

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-264

Original source: https://nvd.nist.gov/vuln/detail/CVE-2010-0774

First tracked: February 15, 2026 at 08:43 PM

Classified by LLM (prompt v3) · confidence: 95%