Lucene search

[email protected]CVE-2016-0389

HistoryJul 07, 2016 - 2:59 p.m.

CVE-2016-0389

2016-07-0714:59:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2016-0389

ibm websphere

was

liberty

security vulnerability

information disclosure

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.6 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.9%

JSON

Admin Center in IBM WebSphere Application Server (WAS) 8.5.5.2 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 allows remote attackers to obtain sensitive information via unspecified vectors.

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq8.5.5.7
ibm:websphere_application_serveribm websphere application servereq8.5.5.6
ibm:websphere_application_serveribm websphere application servereq8.5.5.4
ibm:websphere_application_serveribm websphere application servereq8.5.5.5
ibm:websphere_application_serveribm websphere application servereq8.5.5.3
ibm:websphere_application_serveribm websphere application servereq8.5.5.8
ibm:websphere_application_serveribm websphere application servereq8.5.5.2
ibm:websphere_application_serveribm websphere application servereq8.5.5.9

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.7
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.6
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.4
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.5
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.3
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.8
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.2
ibm:websphere_application_server	ibm websphere application server	eq	8.5.5.9

References

www-01.ibm.com/support/docview.wss?uid=swg1PI62052

www-01.ibm.com/support/docview.wss?uid=swg21982012

www.securityfocus.com/bid/91515

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.6 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.9%

JSON

Related for CVE-2016-0389

ibm6 prion1 openvas1