Lucene search

[email protected]CVE-2015-1946

HistoryJul 14, 2015 - 5:59 p.m.

CVE-2015-1946

2015-07-1417:59:00

CWE-264

[email protected]

web.nvd.nist.gov

ibm

websphere

application server

cve-2015-1946

local user

privilege escalation

7 High

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0, does not properly implement user roles, which allows local users to gain privileges via unspecified vectors.

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq8.5.0.2
ibm:websphere_application_serveribm websphere application servereq8.5.5.1
ibm:websphere_application_serveribm websphere application servereq8.5.5.0
ibm:websphere_application_serveribm websphere application servereq8.5.5.5
ibm:websphere_application_serveribm websphere application servereq7.0
ibm:websphere_application_serveribm websphere application servereq8.5.5.4
ibm:websphere_application_serveribm websphere application servereq8.5.0.1
ibm:websphere_application_serveribm websphere application servereq8.5.0.0
ibm:websphere_application_serveribm websphere application servereq8.0.0.0
ibm:websphere_application_serveribm websphere application servereq8.5.5.3

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	8.5.0.2
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.1
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.0
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.5
ibm:websphere_application_server	ibm websphere application server	eq	7.0
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.4
ibm:websphere_application_server	ibm websphere application server	eq	8.5.0.1
ibm:websphere_application_server	ibm websphere application server	eq	8.5.0.0
ibm:websphere_application_server	ibm websphere application server	eq	8.0.0.0
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.3

Rows per page:

1-10 of 171

References

www-01.ibm.com/support/docview.wss?uid=swg1PI35180

www-01.ibm.com/support/docview.wss?uid=swg21959083

www.securityfocus.com/bid/75496

7 High

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2015-1946

ibm19 prion1 openvas1 nessus4