Lucene search

China National Vulnerability DatabaseCNVD-2022-54962

HistoryJul 18, 2022 - 12:00 a.m.

IBM WebSphere Application Server Information Disclosure Vulnerability (CNVD-2022-54962)

2022-07-1800:00:00

China National Vulnerability Database

www.cnvd.org.cn

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

JSON

IBM WebSphere Application Server (WAS) is an application server product from IBM of the United States. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server has a security vulnerability that stems from improper data handling in the management console and can be exploited by remote attackers to obtain sensitive information.

CPENameOperatorVersion
IBM IBM WebSphere Application Server >=7.0.0.0，<=7.eq0.0.45
IBM IBM WebSphere Application Server >=8.0.0.0，<=8.eq0.0.15
IBM Websphere Application Server >=9.0.0.0，<=9.eq0.5.12
IBM Websphere Application Server >=8.5.0.0，<=8.eq5.5.21

Name	Operator	Version
IBM IBM WebSphere Application Server >=7.0.0.0，<=7.	eq	0.0.45
IBM IBM WebSphere Application Server >=8.0.0.0，<=8.	eq	0.0.15
IBM Websphere Application Server >=9.0.0.0，<=9.	eq	0.5.12
IBM Websphere Application Server >=8.5.0.0，<=8.	eq	5.5.21

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

JSON

Related for CNVD-2022-54962