Lucene search
HistoryDec 18, 2014 - 4:59 p.m.
CVE-2014-8890
cve-2014-8890
ibm
websphere
application server
liberty profile
remote attackers
privileges
servlet
security constraints
servletsecurity annotations
4.3 Medium
AI Score
Confidence
High
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
82.0%
IBM WebSphere Application Server Liberty Profile 8.5.x before 8.5.5.4 allows remote attackers to gain privileges by leveraging the combination of a servlet’s deployment descriptor security constraints and ServletSecurity annotations.
Related
prion
prion
Design/Logic Flaw
2014-12-18 16:59:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Integrated Information Core (CVE-2014-8890)
2022-09-26 03:37:05
openvas
openvas
nessus
nessus
4.3 Medium
AI Score
Confidence
High
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
82.0%
Related for CVE-2014-8890