Apache vulnerability CVE-2015-0899

2015-04-16T00:58:00

Description

The Validator in Apache Struts 1.1 and later contains a function to efficiently define rules for input validation across multiple pages during screen transitions. This function contains a vulnerability where input validation may be bypassed. When the Apache Struts 1 Validator is used, the web application may be vulnerable even when this function is not used explicitly. ([CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>)) Impact An attacker may be able to skip input validation when the vulnerability is exploited.

{"id": "F5:K16444", "vendorId": null, "type": "f5", "bulletinFamily": "software", "title": "Apache vulnerability CVE-2015-0899", "description": " \n\n\nThe Validator in Apache Struts 1.1 and later contains a function to efficiently define rules for input validation across multiple pages during screen transitions. This function contains a vulnerability where input validation may be bypassed. When the Apache Struts 1 Validator is used, the web application may be vulnerable even when this function is not used explicitly. ([CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>)) \n\n\nImpact \n\n\nAn attacker may be able to skip input validation when the vulnerability is exploited.\n", "published": "2015-04-16T00:58:00", "modified": "2016-01-08T23:09:00", "epss": [{"cve": "CVE-2015-0899", "epss": 0.94907, "percentile": 0.98995, "modified": "2023-09-10"}], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": true, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://support.f5.com/csp/article/K16444", "reporter": "f5", "references": [], "cvelist": ["CVE-2015-0899"], "immutableFields": [], "lastseen": "2023-09-11T01:46:18", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2017-1082"]}, {"type": "cve", "idList": ["CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3536-1:6274C", "DEBIAN:DSA-3536-1:EEC30"]}, {"type": "f5", "idList": ["F5:K04403302", "F5:K40444230", "SOL04403302", "SOL16444", "SOL40444230"]}, {"type": "fedora", "idList": ["FEDORA:845CB6087671"]}, {"type": "github", "idList": ["GHSA-5GGR-MPGW-3MGX", "GHSA-7JW3-5Q4W-89QG", "GHSA-CVVX-R33M-V7PQ"]}, {"type": "ibm", "idList": ["0194CC3AD0882E63750B21484BE25BE0A53CE17F2AD6A4F51CC4B6143D86CC18", "019F23A3AAFAD4919B6106A6E7DC0182EE72C7EC2EF686F12146B41D4C9DC04A", "0F8C9B43069C04EF8D42F75FA8D42A5837D2A01F1B45F132DD6CE116C7562B83", "104BE807C8577FF816DF414B5A588FABB581711BB54758F6F49C7CAC17CD68BE", "107B029DD56A2199A3A87E51461350D452A0422C3E3D25CE9E1B91F71C36131B", "19F9B2D3F02CD12E95CAA102CAFF73CF1ACA08B82792F23CACA7A607695B6F33", "1A977E1D46AE4CB4B7068DB341125931FAD75C28D6703503973FFF9BE917887F", "1D17AF388979A4680B7C566D64B28C89A5848CEAA9BD357FA3DB1B666908BC13", "30015D3FC7D21C469D5C563C8EEB6988F26B5F676BFCC6457A944A8011875CA0", "31066745C5F3A1400280F9DC71A8F83272987B4B260AC9B56A741D16CEE2CC3E", "35774A12657731256610BEB1ACB2AE99C105060354AA560F82DED28AE65A8B24", "3672170404F5307E55342FF12D5BC161435454EED56F454B31FB530876413785", "3D8540513E9389E52505EF4CCF99C1FC5DC8928BFA49128170D48087D1264725", "3DCB65329F12A675A409FF5460E4F2055ABEC5C568C06CEF5C7FCFF22450E2AD", "3E3AF8AC7BA63076BEE8FFB670B3A3F27E0903C83526E54496E50EB2DF74B875", "3EA2C45E4F9382C2531F88095D1BC135577CA607AD54B9DD5A62C3E8C85EF769", "423AFAE9FC7C08F3F5D13BAE5029A5B524704674E8286442D7AAA6868D054858", "43DA4697F34CF5D5A6799540E74541895D58CA735AF6018C2189B56DA5C5FD59", "4695FA8F517C9073437AB3503CAEBE8F17E0386BCB5FA7CF2B4627643F254646", "503EC4AA08C4E3F9F50CED9EDFCA26510533FF79DA3DFB2BC8C3BFF7248C164E", "544D090170B9F688E773EF8FC8B1618EED0EE7044F85992CF2BF1A4A2190E145", "564B0C92712ABFAA4A166163C3C3E90C2F818E128F44887E3BB0DF5116EC9118", "64ED9589C1E5946B109687F790BF28B004D107A0751658576B78487573777400", "71A473993D401FAFDA20A063C958EB3785E06B0F2833BBEB5FA0B1E2E3123139", "7A11753B338C15D55DF3A1597718181B984266B89FF9EDD1CD2752B056D40E36", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "8A621D7EC29CDC30D62E006392BDC867B806D0CB2AC163E36A955BF3F53C7DDA", "8B65B2D389AC6D4B8DDABDC2C07AD570BA3BE907EA6FA4F956423A3FB683FF0C", "8F879C06D40BC6329D80ABEDCA5D3CC554195FEF26DACD9AA387DFFD5A8AC21F", "9287DC96C9B40D0A7179453A5EC2D0BE55F127E7E426072F9E2EA5EEE0F66E7E", "99D003017B71F5B75E9C95B642A3DAAE40B18DC20129E9E9FCED6FC086965F81", "A758A1B10E085A8CCD4CD2CBBF9F9F41944540C517465DB005FDFD0DC4569590", "AFFB8AFABDDD081CEAC397241D3C1451E9FB874F8ECFE541E10D86D499996547", "B14802EE857CDC0D56AA5D6E41F9A60ACB2D2D9EC4C0DCA472BDF964DF05E984", "B4BA991763253D738BCAA9AB61AE50E1AA4C20D6F3366D5551C3051C29FEADB2", "BAFE1432B61D78F2B29438C3606D2D46643F4DA3DFC6DD0FB0C4962ECD44C150", "BDB0F371072DD759BDC908105E59960089A47593F2EC0613182245AA4BB15948", "CDA078FD942764EA41F1C78F1E4090E3DC312088E0AA78FD554EB0AF9C8BDD0C", "D66B903250F05C7E6F628063E46BB788B758ACF5470BDBDCE9A7DDCF98ED3362", "D8ADEA08E50DD31A13D004FE5B304A9912C83527BE3756B66F2A397CF3660771", "DD39895C911A5C66806CAC2BEC6807CD3385FF346B2B24AD293C4587ABBC8D42", "DEAFA2DB54593AA80919E191E6F6089E8FC07DD6414224DF7420DF6F55DF4BC8", "E1DDF2752E86E32A93B778F4A62DA348D20B60DBDD915C1F9931C70D2553973C", "E1E9EC92F2FB001C2C7B6AF116D3E1F63E360CF61602F853CB4A691D77495BBD", "E4483DF34E757AA349E718966444A52461C215D7119618553F0FE496E455849C", "E762499CA15D11429E743982AA3F2FC12E2E921DDF0F5987384DC6653A95B9A2", "EB488D986A623E81C07D5F38DFFA754649938084B72DDAA698DEA6B41BB73C49", "F0D32D5C13A35680F4A8DA40436818493D9FB1B131B9211509D89B4ADDE8B956", "F15BA9EC0C1FC4624C7DDC90D046A7A3558B86CF13B121A8778B5BA8562491DC", "F86E0E99774B2ACA66C56C88E0F579364353B9D005771FFCBD70A09340339179"]}, {"type": "jvn", "idList": ["JVN:86448949", "JVN:91383083"]}, {"type": "mageia", "idList": ["MGASA-2015-0351"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-3536.NASL", "FEDORA_2015-14237.NASL", "WEBSPHERE_711779.NASL", "WEBSPHERE_711865.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310130036", "OPENVAS:1361412562310703536", "OPENVAS:1361412562310808538", "OPENVAS:1361412562310809478", "OPENVAS:1361412562310869914", "OPENVAS:703536"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2017"]}, {"type": "osv", "idList": ["OSV:DLA-292-1", "OSV:GHSA-5GGR-MPGW-3MGX", "OSV:GHSA-7JW3-5Q4W-89QG", "OSV:GHSA-CVVX-R33M-V7PQ"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-1181", "RH:CVE-2016-1182"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-0899", "UB:CVE-2016-1181", "UB:CVE-2016-1182"]}]}, "epss": [{"cve": "CVE-2015-0899", "epss": 0.94907, "percentile": 0.98848, "modified": "2023-05-02"}], "score": {"value": 7.4, "vector": "NONE"}, "vulnersScore": 7.4}, "_state": {"dependencies": 1694397584, "score": 1694396825, "epss": 0}, "_internal": {"score_hash": "2655000c62a3e4ec068e1bc1c2efb7bf"}, "affectedSoftware": []}

{"debian": [{"lastseen": "2021-10-21T22:16:04", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3536-1 security@debian.org\nhttps://www.debian.org/security/ Sebastien Delafond\nMarch 31, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libstruts1.2-java\nCVE ID : CVE-2015-0899\n\nIt was discovered that libstruts1.2-java, a Java framework for MVC\napplications, contains a bug in its multi-page validation code. This\nallows input validation to be bypassed, even if MPV is not used\ndirectly.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.2.9-5+deb7u2.\n\nWe recommend that you upgrade your libstruts1.2-java packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-03-31T09:30:26", "type": "debian", "title": "[SECURITY] [DSA 3536-1] libstruts1.2-java security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2016-03-31T09:30:26", "id": "DEBIAN:DSA-3536-1:EEC30", "href": "https://lists.debian.org/debian-security-announce/2016/msg00110.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-02T16:10:32", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3536-1 security@debian.org\nhttps://www.debian.org/security/ Sebastien Delafond\nMarch 31, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libstruts1.2-java\nCVE ID : CVE-2015-0899\n\nIt was discovered that libstruts1.2-java, a Java framework for MVC\napplications, contains a bug in its multi-page validation code. This\nallows input validation to be bypassed, even if MPV is not used\ndirectly.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.2.9-5+deb7u2.\n\nWe recommend that you upgrade your libstruts1.2-java packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-03-31T09:30:26", "type": "debian", "title": "[SECURITY] [DSA 3536-1] libstruts1.2-java security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2016-03-31T09:30:26", "id": "DEBIAN:DSA-3536-1:6274C", "href": "https://lists.debian.org/debian-security-announce/2016/msg00110.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "ibm": [{"lastseen": "2023-02-21T21:50:46", "description": "## Summary\n\nWebsphere Application Server (WAS) is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** \n---|--- \nWebGUI 7.4.0 GA and FP | embedded Websphere Application Server 7.0 \nWebGUI 8.1.0 GA and FP | Websphere Application Server 8.5 \n \n**Please also note the [end of support announcement](<http://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>) from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the [Netcool End of Support Knowledge Collection](<https://www.ibm.com/support/entdocview.wss?uid=swg22009231>). If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-04T03:29:22", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-07-04T03:29:22", "id": "CDA078FD942764EA41F1C78F1E4090E3DC312088E0AA78FD554EB0AF9C8BDD0C", "href": "https://www.ibm.com/support/pages/node/716069", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-22T01:47:40", "description": "## Summary\n\nIBM Security Guardium has addressed the following vulnerability. \n \n \n\n\n## Vulnerability Details\n\nCVE-ID: CVE-2015-0899 \nDescription: Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. \nThis vulnerability also affects other products. \nCVSS Base Score: 4.300 \nCVSS Temporal Score: https://exchange.xforce.ibmcloud.com/vulnerabilities/101770 for more information \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\n**Affected IBM Security Guardium **\n\n| \n\n**Affected Versions** \n \n---|--- \nIBM Security Guardium | 10.0 - 10.5 \n \n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**Remediation / First Fix** \n \n---|---|--- \nIBM Security Guardium | 10.0 - 10.5 | http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p600_GPU_Nov-2018-V10.6&includeSupersedes=0&source=fc \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-19T20:15:02", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by an OpenSource Apache Struts Vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-12-19T20:15:02", "id": "564B0C92712ABFAA4A166163C3C3E90C2F818E128F44887E3BB0DF5116EC9118", "href": "https://www.ibm.com/support/pages/node/787857", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:44:28", "description": "## Summary\n\nThere is a potential vulnerability in WebSphere Application Server. \n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2015-0899_](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101770_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions and releases of IBM WebSphere Application Server:\n\n * Version 9.0\n * Version 8.5\n * Version 8.0\n * Version 7.0\n\n## Remediation/Fixes\n\n \nThe recommended solution is to apply the interim fix, Fix Pack or PTF containing the APARs for each named product as soon as practical. There are 2 separate interim fixes that may need to be applied, links are provided below: \nAPARs \n[PI95655](<http://www-01.ibm.com/support/docview.wss?uid=swg24044986>) for the Administrative Console \n[PI98928](<http://www-01.ibm.com/support/docview.wss?uid=swg24045006>) for the LongRunning Scheduler \n \n \n**For WebSphere Application Server traditional and WebSphere Application Server Hypervisor Edition:** \n \n**For V9.0.0.0 through 9.0.0.7:** \n\u00b7 Upgrade to minimal fix pack levels as required by interim fixes and then apply Interim Fixes [PI95655](<http://www-01.ibm.com/support/docview.wss?uid=swg24044986>) and [PI98928](<http://www-01.ibm.com/support/docview.wss?uid=swg24045006>) \n\\--OR-- \n\u00b7 Apply Fix Pack 9.0.0.8 or later. \n \n**For V8.5.0.0 through 8.5.5.13:** \n\u00b7 Upgrade to minimal fix pack levels as required by interim fixes and then apply Interim Fixes [PI95655](<http://www-01.ibm.com/support/docview.wss?uid=swg24044986>) and [PI98928](<http://www-01.ibm.com/support/docview.wss?uid=swg24045006>) \n\\--OR-- \n\u00b7 Apply Fix Pack 8.5.5.14 or later. \n \n**For V8.0.0.0 through 8.0.0.15:** \n\u00b7 Upgrade to a minimal fix pack levels as required by interim fix and then apply Interim Fix [PI95655](<http://www-01.ibm.com/support/docview.wss?uid=swg24044986>) and [PI98928](<http://www-01.ibm.com/support/docview.wss?uid=swg24045006>) \n \n**For V7.0.0.0 through 7.0.0.45:** \n\u00b7 Upgrade to a minimal fix pack levels as required by interim fix and then apply Interim Fix [PI95655](<http://www-01.ibm.com/support/docview.wss?uid=swg24044986>) \n \n_WebSphere Application Server V7 and V8 are no longer in full support; IBM recommends upgrading to a fixed, supported version/release/platform of the product. _\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-02-19T17:50:01", "type": "ibm", "title": "Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2019-02-19T17:50:01", "id": "8F879C06D40BC6329D80ABEDCA5D3CC554195FEF26DACD9AA387DFFD5A8AC21F", "href": "https://www.ibm.com/support/pages/node/711779", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-22T01:48:28", "description": "## Summary\n\nThere is a potential vulnerability in WebSphere Application Server. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-0899_](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101770_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nJazz for Service Management version 1.1.0 - 1.1.3\n\n## Remediation/Fixes\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version | Affected Supporting Product Security Bulletin \n---|---|--- \nJazz for Service Management version 1.1.0 - 1.1.3 | Websphere Application Server Full Profile 8.5.5 | \n\n# [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>)\n\n# \n \n## Workarounds and Mitigations\n\nPlease refer to WAS iFix\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-28T11:35:01", "type": "ibm", "title": "Security Bulletin: Potential vulnerability in WebSphere Application Server shipped with Jazz for Service Management (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-11-28T11:35:01", "id": "3DCB65329F12A675A409FF5460E4F2055ABEC5C568C06CEF5C7FCFF22450E2AD", "href": "https://www.ibm.com/support/pages/node/742191", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T01:47:49", "description": "## Summary\n\nApache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Content Collector for Email v3.0 \nIBM Content Collector for Email v4.0 \nIBM Content Collector for Email v4.0.1\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRM**| **Remediation** \n---|---|--- \nIBM Content Collector for Email | 3.0| Use IBM Content Collector for Email 4.0.1.5[ Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \nIBM Content Collector for Email | 4.0| Use IBM Content Collector for Email 4.0.1.5[ Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \nIBM Content Collector for Email | 4.0.1| Use IBM Content Collector for Email 4.0.1.5[ Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \n \nFollow the steps in the readme file in the 4.0.1.5 interim fix 001 to install the interim fix applicable to your version. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T12:17:47", "type": "ibm", "title": "Security Bulletin: OpenSource Apache Struts vulnerability in IBM Content Collector for Email", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-17T12:17:47", "id": "7A11753B338C15D55DF3A1597718181B984266B89FF9EDD1CD2752B056D40E36", "href": "https://www.ibm.com/support/pages/node/292425", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:45:17", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg24045006>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)**\n\n| \n\n**Affected Supporting Product and Version** \n \n---|--- \n \nIBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition V2.5, V2.5.0.1, V2.5.02. V2.5.0.3, V2.5.0.4, V2.5.0.5, V2.5.0.6\n\n| \n\n * WebSphere Application Server V8.5.5 through V8.5.5.12 \n \nIBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise V2.4, V2.4.0.1, V2.4.0.2, V2.4.0.3, V2.4.0.4, V2.4.0.5\n\n| \n\n * WebSphere Application Server V8.5 \n \n## Remediation/Fixes\n\nThe recommended solution is to apply the fixes as soon as practical. \n\n**Principal Product and Version(s)** | **VRMF** | **Remediation/First Fix** \n---|---|--- \nIBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise | 2.5, 2.5.0.1, 2.5.0.2, 2.5.0.3, 2.5.0.4, 2.5.0.5, 2.5.0.6 | \n\nUpgrade to IBM Cloud Orchestrator 2.5 Fix Pack 7: \n<https://www-01.ibm.com/support/docview.wss?uid=ibm10718247> \n \nIBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise | 2.4, 2.4.0.1, 2.4.0.2, 2.4.0.3, 2.4.0.4, 2.4.0.5 | After you upgrade to minimal fix pack levels as required by interim fix, apply the appropriate Interim to your environment as soon as practical. For details, see \n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg24045006>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-06T06:40:02", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-12-06T06:40:02", "id": "019F23A3AAFAD4919B6106A6E7DC0182EE72C7EC2EF686F12146B41D4C9DC04A", "href": "https://www.ibm.com/support/pages/node/739525", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:48:33", "description": "## Summary\n\nWebsphere Application Server (WAS) is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting WAS has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version \n---|--- \nIBM Operations Analytics Predictive Insights version 1.3.6 | Websphere Application Server 8.5.5.x \nIBM Operations Analytics Predictive Insights versions 1.3.3, 1.3.5 | Websphere Application Server 8.5.0.x This needs to be upgraded to minimum 8.5.5.12, noting [_this known issue_](<https://www.ibm.com/support/knowledgecenter/en/SSEKCU_1.1.2.1/com.ibm.psc.doc/tshoot/psc_ts_jazzsm_start_stop.html>), before applying the fix mentioned in the linked bulletin. \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-09T11:51:20", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-08-09T11:51:20", "id": "AFFB8AFABDDD081CEAC397241D3C1451E9FB874F8ECFE541E10D86D499996547", "href": "https://www.ibm.com/support/pages/node/720275", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T01:47:48", "description": "## Summary\n\nAn Apache Struts vulnerability affect IBM Enterprise Records. IBM has addressed the applicable CVE.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-0899_](<https://vulners.com/cve/CVE-2015-0899>)_ \n_**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101770_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Enterprise Records v5.2.0 - 5.2.0.3\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _Remediation_ \n---|---|--- \nIBM Enterprise Records| 5.2.0 - 5.2.0.3| Use IBM Enterprise Records 5.2.0[ Fix Pack 4 Interim Fix 2](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Enterprise%20Content%20Management&product=ibm/Information+Management/IBM+Enterprise+Records&release=5.2.0.4&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T12:17:55", "type": "ibm", "title": "Security Bulletin: Open Source Apache Struts Vulnerabilities affect IBM Enterprise Records", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-17T12:17:55", "id": "64ED9589C1E5946B109687F790BF28B004D107A0751658576B78487573777400", "href": "https://www.ibm.com/support/pages/node/294477", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-24T05:58:16", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of IBM Business Automation Workflow, IBM Business Process Manager, WebSphere Enterprise Service Bus and WebSphere Lombardi Edition. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899) ](<http://www.ibm.com/support/docview.wss?uid=swg22015348>)for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n\\- IBM Business Automation Workflow V18.0.0.0\n\n\\- IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03\n\n\\- IBM Business Process Manager V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06\n\n\\- IBM Business Process Manager V8.5.6.0 through V8.5.6.0 CF2\n\n\\- IBM Business Process Manager V8.5.5.0\n\n\\- IBM Business Process Manager V8.5.0.0 through V8.5.0.2\n\n\\- IBM Business Process Manager V8.0.0.0 through V8.0.1.3\n\n\\- IBM Business Process Manager V7.5.0.0 through V7.5.1.2\n\n\\- IBM Business Process Manager Enterprise Service Bus V8.6.0.0\n\n\\- WebSphere Enterprise Service Bus Registry Edition V7.5.0.0 through V7.5.1.2\n\n\\- WebSphere Lombardi Edition V7.2.0.0 through V7.2.0.5 (and earlier unsupported releases)\n\n\\- WebSphere Enterprise Service Bus V7.0.0.0 through V7.0.0.5\n\n\\- WebSphere Enterprise Service Bus Registry Edition V7.0.0.0 through V7.0.0.5\n\n\\- WebSphere Enterprise Service Bus V7.5.0.0 through V7.5.1.2\n\n \nNote that Cumulative Fixes cannot automatically install interim fixes for the base Application Server. It is important to follow the complete installation instructions and manually ensure that recommended security fixes are installed.\n\n \n_For__ earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-15T19:19:49", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Digital Business Automation Workflow family products (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2022-09-15T19:19:49", "id": "1D17AF388979A4680B7C566D64B28C89A5848CEAA9BD357FA3DB1B666908BC13", "href": "https://www.ibm.com/support/pages/node/712435", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-13T05:36:17", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Versions\n\n| Affected Supporting Product and Versions \n---|--- \nIBM Case Manager 5.1.1 \nIBM Case Manager 5.2.0 \nIBM Case Manager 5.2.1 \nIBM Case Manager 5.3.0 \nIBM Case Manager 5.3.1 \nIBM Case Manager 5.3.2 \nIBM Case Manager 5.3.3 | IBM WebSphere Application Server 7.0 \nIBM WebSphere Application Server 8.0 \nIBM WebSphere Application Server 8.5 \nIBM WebSphere Application Server 9.0 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-10T22:07:17", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-07-10T22:07:17", "id": "19F9B2D3F02CD12E95CAA102CAFF73CF1ACA08B82792F23CACA7A607695B6F33", "href": "https://www.ibm.com/support/pages/node/713527", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-28T21:37:28", "description": "## Summary\n\nIBM WebSphere Application Server is shipped with IBM Tivoli Network Manager IP Edition versions 3.9 and 4.1.1; IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Potential vulnerability in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nIBM Tivoli Network Manager IP Edition 3.9, 4.1.1 and 4.2\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server, which is shipped with IBM Tivoli Network Manager IP Edition versions 3.9 and 4.1.1; and a product required by IBM Tivoli Network Manager IP Edition version 4.2.\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** | **Affected Supporting Product Security Bulletin** \n---|---|--- \nIBM Tivoli Network Manager IP Edition 3.9 | Bundled the TIP version 2.1.0.x, which bundles IBM WebSphere version 7.0.0.x. | [Potential vulnerability in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \nSee Section \"**For V7.0.0.0 through 7.0.0.45:**\" \nIBM Tivoli Network Manager IP Edition 4.1.1 | Bundled the TIP version 2.2.0.x, which bundles IBM WebSphere version 7.0.0.x. | [Potential vulnerability in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \nSee Section \"**For V7.0.0.0 through 7.0.0.45:**\" \nIBM Tivoli Network Manager IP Edition 4.2 | IBM Tivoli Network Manager IP Edition 4.2 requires the installation of IBM WebSphere Application Server Version 8.5.5.5 or later version separately. Users are recommended to apply IBM WebSphere version 8.5.5.5 Security Interim Fixes. | [Potential vulnerability in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \nSee Section \"**For V8.5.0.0 through 8.5.5.13:**\" \n \n \n**Please also note the** ** ** [**end of support announcement**](<http://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>) ** ** **from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the ** [**Netcool End of Support Knowledge Collection.**](<https://www-01.ibm.com/support/entdocview.wss?uid=swg22009231>) ** ** **If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {}, "published": "2023-06-28T22:04:59", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager IP Edition (CVE-2015-0899).", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2023-06-28T22:04:59", "id": "9287DC96C9B40D0A7179453A5EC2D0BE55F127E7E426072F9E2EA5EEE0F66E7E", "href": "https://www.ibm.com/support/pages/node/716573", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-28T21:37:26", "description": "## Summary\n\nIBM WebSphere Application Server is shipped with IBM Tivoli Netcool Configuration Manager version 6.4.1; IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Potential vulnerability in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nIBM Tivoli Netcool Configuration Manager versions 6.4.1 and 6.4.2.\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server, which is shipped with IBM Tivoli Netcool Configuration Manager versions 6.4.1; and a product required by IBM Tivoli Netcool Configuration Manager versions 6.4.2.\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** | **Affected Supporting Product Security Bulletin** \n---|---|--- \nIBM Tivoli Netcool Configuration Manager version 6.4.1 | Bundled the TIP version 2.2.0.x, which bundles IBM WebSphere version 7.0.0.x. | [Potential vulnerability in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \nSee Section \"**For V7.0.0.0 through 7.0.0.45:**\" \nIBM Tivoli Netcool Configuration Manager version 6.4.2 | IBM Tivoli Netcool Configuration Manager version 6.4.2 requires the installation of IBM WebSphere Application Server Version 8.5.5.5 or later version separately. Users are recommended to apply IBM WebSphere version 8.5.5.5 Security Interim Fixes. | [Potential vulnerability in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \nSee Section \"**For V8.5.0.0 through 8.5.5.13:**\" \n \n \n**Please also note the** ** ** [**end of support announcement**](<http://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>) ** ** **from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the ** [**Netcool End of Support Knowledge Collection.**](<https://www-01.ibm.com/support/entdocview.wss?uid=swg22009231>) ** ** **If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {}, "published": "2023-06-28T22:04:59", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Netcool Configuration Manager (CVE-2015-0899).", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2023-06-28T22:04:59", "id": "F0D32D5C13A35680F4A8DA40436818493D9FB1B131B9211509D89B4ADDE8B956", "href": "https://www.ibm.com/support/pages/node/717319", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T21:45:31", "description": "## Summary\n\nThere is a potential vulnerability in WebSphere Application Server. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-0899_](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101770_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nTivoli Integrated Portal version 2.1.0 - 2.1.0.5\n\nTivoli Integrated Portal version 2.2.0.0 - 2.2.0.19\n\n## Remediation/Fixes\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin \n---|---|--- \nTivoli Integrated Portal version \n\n2.1.0 - 2.1.0.5\n\n2.2.0 - 2.2.0.19\n\n| embedded Websphere Application Server version 7.0.x | \n\n# [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \n \n \nThe Websphere security bulletin above provides a link to the required iFix to remediate the vulnerability. However, the iFix requires either eWAS 7.0.0.31 or higher installed. \n \nTIP does not support upgrading Websphere fixpack independently. TIP 2.2.0.15 or TIP 2.2.0.17 or TIP 2.2.0.19 must be applied which will upgrade eWAS to 7.0.0.31 and above. Once TIP FP has been applied, the Websphere iFix can be applied as described in the Websphere bulletin.\n\n## Workarounds and Mitigations\n\nPlease refer to WAS iFix as described above\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-28T11:45:02", "type": "ibm", "title": "Security Bulletin: Potential vulnerability in WebSphere Application Server shipped with Tivoli Integrated Portal (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-11-28T11:45:02", "id": "99D003017B71F5B75E9C95B642A3DAAE40B18DC20129E9E9FCED6FC086965F81", "href": "https://www.ibm.com/support/pages/node/741909", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:51:20", "description": "## Summary\n\nWebSphere Application Server is shipped with WebSphere Remote Server. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions and releases of IBM WebSphere Remote Server: \n\u2022 9.0 \n\u2022 8.5 \n\u2022 7.1 \n\u2022 7.0\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by WebSphere Application Server which is shipped with WebSphere Remote Server. \n \n\n\nPrincipal Product and Version(s)| Affected Supporting Product and Version| Affected Supporting Product Security Bulletin \n---|---|--- \nWebSphere Remote Server 9.0, 8.5, 7.1, 7.0| WebSphere Application Server 9.0, 8.5, 8.0, 7.0| [_Potential vulnerability in WebSphere Application Server_](<http://www.ibm.com/support/docview.wss?uid=swg22015348>) \n \n## ", "cvss3": {}, "published": "2018-06-22T01:30:23", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-22T01:30:23", "id": "BDB0F371072DD759BDC908105E59960089A47593F2EC0613182245AA4BB15948", "href": "https://www.ibm.com/support/pages/node/712419", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T21:50:03", "description": "## Summary\n\nIBM WebSphere Application Server (WAS) is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting WAS has been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section.\n\n## Affected Products and Versions\n\nIBM Rational ClearCase, ClearCase Remote Client (CCRC) WAN server component.\n\n**Versions 8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x:**\n\nThis vulnerability only applies to the CCRC WAN server component, and only for certain levels of WebSphere Application Server.\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS) which is shipped with IBM Rational ClearCase. \n\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** | **Affected Supporting Product Security Bulletin** \n---|---|--- \nIBM Rational ClearCase, versions 8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x | IBM WebSphere Application Server 7.0, 8.0, 8.5 and 9.0. | [Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2015-0899)](<http://www.ibm.com/support/docview.wss?uid=swg22015348>) \n \n**ClearCase Versions**\n\n| \n\n**Applying the fix** \n \n---|--- \n8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x | \n\n 1. Determine the WAS version used by your CCRC WAN server. Navigate to the CCRC profile directory (either the profile you specified when installing ClearCase, or `<ccase-home>/common/ccrcprofile`), then execute the script: `bin/versionInfo.sh `(UNIX) or `bin\\versionInfo.bat `(Windows). The output includes a section \"IBM WebSphere Application Server\". Make note of the version listed in this section.\n 2. Identify the latest available fix (per the bulletin listed above) for the version of WAS used for CCRC WAN server.\n 3. Apply the appropriate WebSphere Application Server fix directly to your CCRC WAN server host. No ClearCase-specific steps are necessary. \n \n_For 7.0.x, 7.1.x, 8.0.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-12T18:53:28", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-07-12T18:53:28", "id": "F86E0E99774B2ACA66C56C88E0F579364353B9D005771FFCBD70A09340339179", "href": "https://www.ibm.com/support/pages/node/716909", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:50:56", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin: [Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www.ibm.com/support/docview.wss?uid=swg22016214>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** \n---|--- \nWebSphere Application Server Patterns | WebSphere Application Server: \n\n * Version 9.0\n * Version 8.5\n * Version 8.0 \n \n## ", "cvss3": {}, "published": "2018-06-26T19:41:20", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI bundled with IBM WebSphere Application Server Patterns (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-26T19:41:20", "id": "E4483DF34E757AA349E718966444A52461C215D7119618553F0FE496E455849C", "href": "https://www.ibm.com/support/pages/node/713727", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T01:47:47", "description": "## Summary\n\nApache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nContent Collector for IBM Connections v3.0 \nContent Collector for IBM Connections v4.0 \nContent Collector for IBM Connections v4.0.1\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRM**| **Remediation** \n---|---|--- \nContent Collector for IBM Connections| 3.0| Use Content Collector for IBM Connections 4.0.1.5[ Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \nContent Collector for IBM Connections| 4.0| Use Content Collector for IBM Connections 4.0.1.5[ Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \nContent Collector for IBM Connections| 4.0.1| Use Content Collector for IBM Connections 4.0.1.5[ Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \n \nFollow the steps in the readme file in the 4.0.1.5 interim fix 001 to install the interim fix applicable to your version. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T12:17:48", "type": "ibm", "title": "Security Bulletin: OpenSource Apache Struts vulnerability in Content Collector for IBM Connections", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-17T12:17:48", "id": "503EC4AA08C4E3F9F50CED9EDFCA26510533FF79DA3DFB2BC8C3BFF7248C164E", "href": "https://www.ibm.com/support/pages/node/292411", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:44:35", "description": "## Summary\n\nFix is available for vulnerability in Apache Struts affecting Tivoli Netcool/OMNIbus WebGUI (CVE-2015-0899).\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-0899_](<https://vulners.com/cve/CVE-2015-0899>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101770_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n\n## Affected Products and Versions\n\nTivoli Netcool/OMNIbus WebGUI 8.1.0 \nTivoli Netcool/OMNIbus WebGUI 7.4.0\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRMF**| **APAR**| **Remediation/Fix** \n---|---|---|--- \nTivoli Netcool/OMNIbus WebGUI| 8.1.0| IV98709| Apply Fix Pack 11 \n([Fix Pack for WebGUI 8.1.0 Fix Pack 11](<http://www.ibm.com/support/docview.wss?uid=swg24043825>)) \nTivoli Netcool/OMNIbus WebGUI| 7.4.0| IV98709| Upgrade to WebGUI 8.1.0 and then apply Fix Pack 11 \n([Fix Pack for WebGUI 8.1.0 Fix Pack 11](<http://www.ibm.com/support/docview.wss?uid=swg24043825>)) \n \nFor unsupported versions IBM recommends upgrading to a fixed, supported version of the product. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T15:43:57", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Struts affect Tivoli Netcool/OMNIbus WebGUI (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-17T15:43:57", "id": "423AFAE9FC7C08F3F5D13BAE5029A5B524704674E8286442D7AAA6868D054858", "href": "https://www.ibm.com/support/pages/node/566341", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:48:05", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM Tivoli Netcool Impact. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n_Principal Product and Version(s)_\n\n| _Affected Supporting Product and Version_ \n---|--- \nIBM Tivoli Netcool Impact 6.1.x | IBM WebSphere Application Server 7.0 \n \n## Remediation/Fixes\n\n_Principal Product and Version(s)_\n\n| _Affected Supporting Product and Version_ \n---|--- \nIBM Tivoli Netcool Impact 6.1.x | For IBM WebSphere Application Server V7.0.0.0 through 7.0.0.45: \nThis vulnerability requires IBM WebSphere Application Server fix pack levels as required by interim fix and then apply Interim Fix [PI95655](<http://www-01.ibm.com/support/docview.wss?uid=swg24044986>). \nFor instruction on how to upgrade IBM WebSphere Application Server see the latest 6.1.* IBM Tivoli Netcool Impact Fix Pack readme. \n \n \n**Please also note the**** **[**_end of support announcement_**](<http://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>)** ****from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the**** **[**_Netcool End of Support Knowledge Collection_**](<https://www-01.ibm.com/support/entdocview.wss?uid=swg22009231>)**. ****If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-05T16:31:48", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-09-05T16:31:48", "id": "0194CC3AD0882E63750B21484BE25BE0A53CE17F2AD6A4F51CC4B6143D86CC18", "href": "https://www.ibm.com/support/pages/node/729883", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:51:19", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud. Information about security vulnerabilities affecting WebSphere Application Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin: [Potential vulnerability in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes. \n\n## Affected Products and Versions\n\n**Principal Product and Version(s)**\n\n| **Affected Supporting Product and Version** \n---|--- \nWebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud, all versions.| WebSphere Application Server: \n\n * Version 9.0\n * Version 8.5\n * Version 8.0 \n \n## ", "cvss3": {}, "published": "2018-06-22T01:30:23", "type": "ibm", "title": "Security Bulletin: Potential vulnerability in WebSphere Application Server bundled with IBM WebSphere Application Server Patterns and IBM WebSphere Application Server for Cloud (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-22T01:30:23", "id": "3672170404F5307E55342FF12D5BC161435454EED56F454B31FB530876413785", "href": "https://www.ibm.com/support/pages/node/712417", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T01:45:37", "description": "## Summary\n\nTivoli Netcool/OMNIbus WebGUI is shipped as a component of Tivoli Business Service Manager. Information about a security vulnerability affecting Tivoli Netcool/OMNIbus WebGUI has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Vulnerability in Apache Struts affect Tivoli Netcool/OMNIbus WebGUI (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22007053>) for vulnerability details and information about fixes. \n\n## Affected Products and Versions\n\n \nTivoli Business Service Manager v6.1.0 \nTivoli Business Service Manager v6.1.1 \n\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRMF**| **Remediation/Fix** \n---|---|--- \nTivoli Business Service Manager| 6.1.0| TBSM v6.1.0 bundles Tivoli Netcool/OMNIbus WebGUI v7. As per bulletin above, Tivoli Netcool/OMNIbus WebGUI v8 portlets should be used to avoid vulnerability CVE-2015-0899. \n \nHowever, there is no supported interface between Tivoli Business Service Manager v6.1.0 and WebGUI v8. TBSM v6.1.0 customers must first upgrade to v6.1.1 and then follow advice below for v6.1.1. \nTivoli Business Service Manager| 6.1.1| TBSM v6.1.1 bundles Tivoli Netcool/OMNIbus WebGUI v7. As per bulletin above, Tivoli Netcool/OMNIbus WebGUI v8 portlets should be used to avoid vulnerability CVE-2015-0899. \n \nWebGUI v8 is DASH based. TBSM 6.1.1 is TIP based. To use WebGUI v8 portlets with TBSM v 6.1.1 configuration is required. \n \nDocumentation is available here (see \"TBSM Data + WebGUI Widgets\" and \"TBSM: How To Get Event Viewer onWebGUI 8.1.0 For AEL Replacement\"): <https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Business%20Service%20Manager1/page/Advanced%20Topics> \n \nThe mechanics of launching from a TBSM menu item to a DASH page are in this document (see 6.1 - Navigating to an External DASH page.): \n[https://www.ibm.com/developerworks/community/groups/service/html/communityview?communityUuid=7d5ebce8-2dd8-449c-a58e-4676134e3eb8#fullpageWidgetId=Wea1cb2531f10_4ccd_99d7_6ab0334cb21f&file=519bead5-8dad-4af5-8aa1-745c5c9f74f6](<https://www.ibm.com/developerworks/community/groups/service/html/communityview?communityUuid=7d5ebce8-2dd8-449c-a58e-4676134e3eb8#fullpageWidgetId=Wea1cb2531f10_4ccd_99d7_6ab0334cb21f&file=519bead5-8dad-4af5-8aa1-745c5c9f74f6>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T15:47:24", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in Tivoli Netcool/OMNIbus WebGUI shipped with Tivoli Business Service Manager (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-17T15:47:24", "id": "B14802EE857CDC0D56AA5D6E41F9A60ACB2D2D9EC4C0DCA472BDF964DF05E984", "href": "https://www.ibm.com/support/pages/node/299703", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:48:04", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of Tivoli Business Service Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n_Principal Product and Version(s)_\n\n| _Affected Supporting Product and Version_ \n---|--- \nTivoli Business Service Manager 6.1.x | IBM WebSphere Application Server 7.0 \n \n## Remediation/Fixes\n\n_Principal Product and Version(s)_\n\n| _Affected Supporting Product and Version_ \n---|--- \nTivoli Business Service Manager 6.1.x | For IBM WebSphere Application Server V7.0.0.0 through 7.0.0.45: \nThis vulnerability requires IBM WebSphere Application Server fix pack levels as required by interim fix and then apply Interim Fix [PI95655](<http://www-01.ibm.com/support/docview.wss?uid=swg24044986>). \nFor instruction on how to upgrade IBM WebSphere Application Server see the latest 6.1.* Tivoli Business Service Manager Fix Pack readme. \n \n \n**Please also note the**** **[**_end of support announcement_**](<http://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>)** ****from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the**** **[**_Netcool End of Support Knowledge Collection_**](<https://www-01.ibm.com/support/entdocview.wss?uid=swg22009231>)**. ****If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-05T16:33:43", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Business Service Manager (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-09-05T16:33:43", "id": "E1E9EC92F2FB001C2C7B6AF116D3E1F63E360CF61602F853CB4A691D77495BBD", "href": "https://www.ibm.com/support/pages/node/729881", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:48:03", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of OpenPages GRC Platform. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [IBM WebSphere Application Server](<http://www.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details.\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)** | ** ****Affected Supporting Product and Version** \n---|--- \nIBM OpenPages GRC Platform 7.4/8.0 | IBM WebSphere Application Server 9.0.0.3 \nIBM OpenPages GRC Platform 7.3 | IBM WebSphere Application Server 8.5.5.9 \nIBM OpenPages GRC Platform 7.2 | IBM WebSphere Application Server 8.5.5.5 \nIBM OpenPages GRC Platform 7.1 | IBM WebSphere Application Server 8.5.5.2 \n \n## ", "cvss3": {}, "published": "2018-09-06T16:01:40", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with OpenPages GRC Platform (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2018-09-06T16:01:40", "id": "DD39895C911A5C66806CAC2BEC6807CD3385FF346B2B24AD293C4587ABBC8D42", "href": "https://www.ibm.com/support/pages/node/728731", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T21:47:39", "description": "## Summary\n\nWebSphere Application Server is shipped with Financial Transaction Manager. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin \n[_Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)_](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nFinancial Transaction Manager for MP v2.1.0.0 through 2.1.0.4 | WebSphere Application Server 8.0 \nFinancial Transaction Manager for MP v2.1.1.0 through 2.1.1.4 | WebSphere Application Server 8.0 \nFinancial Transaction Manager for MP v3.0.0.0 through 3.0.0.9 | WebSphere Application Server 8.5.5 \nFinancial Transaction Manager for MP v3.2.0.0 and later fixpacks | WebSphere Application Server 9.0.0 \n \n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by WebSphere Application Server which is/are shipped with Financial Transaction Manager. \n\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin \n---|---|--- \nFinancial Transaction Manager for MP v2.1.0.0 through 2.1.0.4 | WebSphere Application Server 8.0 | [_Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)_](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \nFinancial Transaction Manager for MP v2.1.1.0 through 2.1.1.4 | WebSphere Application Server 8.0 \nFinancial Transaction Manager for MP v3.0.0.0 through 3.0.0.9 | WebSphere Application Server 8.5.5 \nFinancial Transaction Manager for MP v3.2.0.0 and later fixpacks | WebSphere Application Server 9.0.0 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-25T11:10:01", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with Financial Transaction Manager (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-09-25T11:10:01", "id": "30015D3FC7D21C469D5C563C8EEB6988F26B5F676BFCC6457A944A8011875CA0", "href": "https://www.ibm.com/support/pages/node/732727", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-28T22:13:29", "description": "## Summary\n\nThe IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement products are affected by a vulnerability that exists in the IBM WebSphere Application Server. The security bulletin includes issues disclosed as part of the IBM WebSphere Application Server updates.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2015-0899_ ](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101770_ ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Emptoris Sourcing 10.0.0 through 10.1.1.21 \nIBM Emptoris Contract Management 10.0.0 through 10.1.1.21 \nIBM Emptoris Spend Analysis 10.0.0 through 10.1.1.21 \nIBM Emptoris Program Management 10.0.0 through 10.1.1.21 \nIBM Emptoris Services Procurement 10.0.0 through 10.1.1.0\n\n## Remediation/Fixes\n\nAn interim fix has been issued for the IBM WebSphere Application Server (WAS) which addresses this vulnerability. Customers running any of the IBM Emptoris products listed below should apply the interim fix to all IBM WebSphere Application Server installations that are used to run IBM Emptoris applications. Please refer to [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for details. \n \nSelect the appropriate WebSphere Application Server fix based on the version being used for IBM Emptoris product version. The following table lists the IBM Emptoris application versions along with the corresponding required version of IBM WebSphere Application Server and a link to the corresponding fix version where further installation instructions are provided.\n\n**Emptoris Product Version**\n\n| \n\n**WAS Version**\n\n| \n\n**Interim Fix** \n \n---|---|--- \n10.0.0.x, 10.0.1.x | 8.5.0.x | Apply Interim Fixes [PI95655](<http://www-01.ibm.com/support/docview.wss?uid=swg24044986>) and [PI98928](<http://www-01.ibm.com/support/docview.wss?uid=swg24045006>) \n10.0.2.x , \n10.0.4 | 8.5.5.x \n10.1.x | 8.5.5.x \n \n**Note** : Please refer to [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for details.\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n29 July 2018: Original version published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Business Unit\":{\"code\":\"BU055\",\"label\":\"Cognitive Applications\"},\"Product\":{\"code\":\"SSYR8W\",\"label\":\"Emptoris Sourcing\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}},{\"Business Unit\":{\"code\":\"BU055\",\"label\":\"Cognitive Applications\"},\"Product\":{\"code\":\"SSYQ89\",\"label\":\"Emptoris Contract Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYRER\",\"label\":\"Emptoris Program Management\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYQAR\",\"label\":\"Emptoris Spend Analysis\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSYR6U\",\"label\":\"Emptoris Services Procurement\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}] \n\n## Historical Number\n\n117311;117312;117313;117314;117315", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-30T18:02:05", "type": "ibm", "title": "Security Bulletin: Vulnerability in IBM WebSphere Application Server Affects IBM Emptoris Sourcing, IBM Emptoris Contract Management, IBM Emptoris Spend Analysis, IBM Emptoris Program Management and IBM Emptoris Service Procurement (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-07-30T18:02:05", "id": "544D090170B9F688E773EF8FC8B1618EED0EE7044F85992CF2BF1A4A2190E145", "href": "https://www.ibm.com/support/pages/node/719203", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-12T17:33:50", "description": "## Summary\n\nIBM WebSphere Application Server (WAS) is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting WAS has been published in a security bulletin. \n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section.\n\n## Affected Products and Versions\n\nIBM Rational ClearQuest, ClearQuest CM Server component.\n\n**Versions 8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x:**\n\nThis vulnerability only applies to the server component, and only for certain levels of WebSphere Application Server.\n\n## Remediation/Fixes\n\nRefer to the following security bulletin for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS), which is shipped with IBM Rational ClearQuest. \n\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** | **Affected Supporting Product Security Bulletin** \n---|---|--- \nIBM Rational ClearQuest, versions 8.0.0.x, 8.0.1.x, 9.0.0.x, 9.0.1.x | IBM WebSphere Application Server 7.0, 8.0, 8.5 and 9.0. | [Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2015-0899)](<http://www.ibm.com/support/docview.wss?uid=swg22015348>) \n \n**ClearQuest Versions**\n\n| \n\n**Applying the fix** \n \n---|--- \n8.0.0.x \n8.0.1.x \n9.0.0.x \n9.0.1.x | \n\n 1. Determine the WAS version used by your CM server. Navigate to the CM profile directory (either the profile you specified when installing ClearQuest, or `<clearquest-home>/cqweb/cqwebprofile`), then execute the script: `bin/versionInfo.sh `(UNIX) or `bin\\versionInfo.bat `(Windows). The output includes a section \"IBM WebSphere Application Server\". Make note of the version listed in this section.\n 2. Identify the latest available fix (per the bulletin listed above) for the version of WAS used for CM server.\n 3. Apply the appropriate WebSphere Application Server fix directly to your CM server host. No ClearQuest-specific steps are necessary. \n \n_For 7.0.x, 7.1.x and earlier releases, IBM recommends upgrading to a fixed, supported version/release/platform of the product._\n\n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-12T18:50:02", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Rational ClearQuest (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-07-12T18:50:02", "id": "D8ADEA08E50DD31A13D004FE5B304A9912C83527BE3756B66F2A397CF3660771", "href": "https://www.ibm.com/support/pages/node/717009", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-06-24T05:49:29", "description": "## Summary\n\nWebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section.\n\n## Affected Products and Versions\n\nIBM Tivoli System Automation Application Manager 4.1.0.0 \u2013 4.1.0.1\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by WebSphere Application Server which is shipped with IBM Tivoli System Automation Application Manager.\n\nPrincipal Product and Version(s)\n\n| \n\nAffected Supporting Product and Version\n\n| \n\nAffected Supporting Product Security Bulletin \n \n---|---|--- \n \nIBM Tivoli System Automation Application Manager 4.1\n\n| \n\nWebSphere Application Server 8.5\n\n| \n\n_[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>)_ \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-17T17:35:00", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2023-01-17T17:35:00", "id": "3EA2C45E4F9382C2531F88095D1BC135577CA607AD54B9DD5A62C3E8C85EF769", "href": "https://www.ibm.com/support/pages/node/719307", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T01:47:49", "description": "## Summary\n\nApache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Content Collector for File Systems v3.0 \nIBM Content Collector for File Systems v4.0 \nIBM Content Collector for File Systems v4.0.1\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRM**| **Remediation** \n---|---|--- \nIBM Content Collector for File Systems| 3.0| Use IBM Content Collector for File Systems 4.0.1.5 [Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \nIBM Content Collector for File Systems| 4.0| Use IBM Content Collector for File Systems 4.0.1.5 [Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \nIBM Content Collector for File Systems| 4.0.1| Use IBM Content Collector for File Systems 4.0.1.5 [Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \n \nFollow the steps in the readme file in the 4.0.1.5 interim fix 001 to install the interim fix applicable to your version. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T12:17:48", "type": "ibm", "title": "Security Bulletin: OpenSource Apache Struts vulnerability in IBM Content Collector for File Systems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-17T12:17:48", "id": "4695FA8F517C9073437AB3503CAEBE8F17E0386BCB5FA7CF2B4627643F254646", "href": "https://www.ibm.com/support/pages/node/292423", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-13T13:34:52", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as components of Business Monitor. \nInformation about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nConsult the Security Bulletin \n[Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n## Principal Product and Version\n\n| \n\n## Affected Supporting Product and Version \n \n---|--- \nIBM Business Monitor V8.5.7 | WebSphere Application Server V8.5.5 \nIBM Business Monitor V8.5.6 | WebSphere Application Server V8.5.5 \nIBM Business Monitor V8.5.5 | WebSphere Application Server V8.5.5 \nIBM Business Monitor V8.1.0.3 | WebSphere Application Server V8.0 \nIBM Business Monitor V8.0 | WebSphere Application Server V8.0 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-26T18:28:57", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-26T18:28:57", "id": "E1DDF2752E86E32A93B778F4A62DA348D20B60DBDD915C1F9931C70D2553973C", "href": "https://www.ibm.com/support/pages/node/713661", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-12T21:33:39", "description": "## Summary\n\nIBM WebSphere Application Server (WAS) is shipped as a component of IBM Tivoli Security Policy Manager (TSPM). Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n**Product Version ** | **WebSphere Version** \n---|--- \nTSPM 7.1 | WAS V7.0 \nRTSS 7.1 | WAS V7.0, V8.0 \n \n**Note:** TSPM is comprised of TSPM and Runtime Security Services (RTSS).\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-20T04:53:43", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Security Policy Manager (CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-07-20T04:53:43", "id": "A758A1B10E085A8CCD4CD2CBBF9F9F41944540C517465DB005FDFD0DC4569590", "href": "https://www.ibm.com/support/pages/node/717497", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-22T01:47:32", "description": "## Summary\n\nIBM Security Guardium has addressed the following vulnerability. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\n**Affected IBM Security Guardium **\n\n| \n\n**Affected Versions** \n \n---|--- \nIBM Security Guardium | 10.0 - 10.5 \n \n## Remediation/Fixes\n\n**Product**\n\n| \n\n**VRMF**\n\n| \n\n**Remediation / First Fix** \n \n---|---|--- \nIBM Security Guardium | 10.0 - 10.5 | \n\nhttp://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Information+Management/InfoSphere+Guardium&release=10.0&platform=All&function=fixId&fixids=SqlGuard_10.0p600_GPU_Nov-2018-V10.6&includeSupersedes=0&source=fc \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-02T15:00:01", "type": "ibm", "title": "Security Bulletin: IBM Security Guardium is affected by an OpenSource Apache Struts vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2019-01-02T15:00:01", "id": "8A621D7EC29CDC30D62E006392BDC867B806D0CB2AC163E36A955BF3F53C7DDA", "href": "https://www.ibm.com/support/pages/node/792503", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T01:47:51", "description": "## Summary\n\nApache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Content Collector for Microsoft SharePoint v3.0 \nIBM Content Collector for Microsoft SharePoint v4.0 \nIBM Content Collector for Microsoft SharePoint v4.0.1\n\n## Remediation/Fixes\n\n**Product**\n\n| **VRM**| **Remediation** \n---|---|--- \nIBM Content Collector for Microsoft SharePoint| 3.0| Use IBM Content Collector for Microsoft SharePoint 4.0.1.5 [Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \nIBM Content Collector for Microsoft SharePoint| 4.0| Use IBM Content Collector for Microsoft SharePoint 4.0.1.5 [Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \nIBM Content Collector for Microsoft SharePoint| 4.0.1| Use IBM Content Collector for Microsoft SharePoint 4.0.1.5 [Interim Fix 001](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FContent+Collector&fixids=4.0.1.5-IBM-ICC-IF001&source=SAR&function=fixId&parent=Enterprise%20Content%20Management>) \n \nFollow the steps in the readme file in the 4.0.1.5 interim fix 001 to install the interim fix applicable to your version. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-17T12:17:47", "type": "ibm", "title": "Security Bulletin: OpenSource Apache Struts vulnerability in IBM Content Collector for Microsoft SharePoint", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-06-17T12:17:47", "id": "31066745C5F3A1400280F9DC71A8F83272987B4B260AC9B56A741D16CEE2CC3E", "href": "https://www.ibm.com/support/pages/node/292415", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T05:56:27", "description": "## Summary\n\nMultiple security vulnerabilities have been reported for Apache Struts that is used by IBM Business Process Manager and WebSphere Lombardi Edition.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2016-1181](<https://vulners.com/cve/CVE-2016-1181>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113852> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [CVE-2016-1182](<https://vulners.com/cve/CVE-2016-1182>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by the improper validation of input by the Validator. An attacker could exploit this vulnerability to modify validation rules and error messages. \nCVSS Base Score: 4.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n \n \n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n\n## Affected Products and Versions\n\n * * WebSphere Lombardi Edition V7.2.0.0 - V7.2.0.5\n * IBM Business Process Manager all editions V7.5.0.0 - V7.5.1.2\n * IBM Business Process Manager all editions V8.0.0.0 - V8.0.1.3\n * IBM Business Process Manager all editions V8.5.0.0 - V8.5.7.0 prior to cumulative fix 2016.09\n\n## Remediation/Fixes\n\nInstall IBM Business Process Manager interim fix JR56285 as appropriate for your current IBM Business Process Manager or WebSphere Lombardi Edition version. \n\n\n * [_IBM Business Process Manager Advanced_](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Advanced&release=All&platform=All&function=aparId&apars=JR56285>)\n * [IBM Business Process Manager Standard](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Standard&release=All&platform=All&function=aparId&apars=JR56285>)\n * [IBM Business Process Manager Express](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Process+Manager+Express&release=All&platform=All&function=aparId&apars=JR56285>)\n \nAs WebSphere Lombardi Edition and IBM Business Process Manager V7.5 are out of general support, customers with a support extension contract can contact IBM support to request the fix for download. \n \nIBM Business Process Manager and WebSphere Lombardi Edition build upon IBM WebSphere Application Server that also uses Apache Struts. Refer to the [Security Bulletin: Vulnerabilities in Apache Struts affects IBM WebSphere Application Server (CVE-2016-1181 and CVE-2016-1182)](<http://www-01.ibm.com/support/docview.wss?uid=swg21985995>) for details on fixes for WebSphere Application Server. \nIBM Business Process Manager V8.5.7.0 cumulative fix 2016.09 includes IBM WebSphere Application Server V8.5.5.10, thus does not require additional fixes for this vulnerability. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2018-06-15T07:06:16", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities in Apache Struts might affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-1181, CVE-2016-1182, CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182"], "modified": "2018-06-15T07:06:16", "id": "107B029DD56A2199A3A87E51461350D452A0422C3E3D25CE9E1B91F71C36131B", "href": "https://www.ibm.com/support/pages/node/552311", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:47:33", "description": "## Summary\n\nIBM C\u00faram Social Program Management uses the Apache Struts Library. Apache Struts could allow a remote attacker to bypass security restrictions, caused by the improper validation of input by the Validator; or Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance; or Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-1182_](<https://vulners.com/cve/CVE-2016-1182>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by the improper validation of input by the Validator. An attacker could exploit this vulnerability to modify validation rules and error messages. \n_CVSS Base Score: 4.8 \nCVSS Temporal Score: See _[__https://exchange.xforce.ibmcloud.com/vulnerabilities/113853__](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113853>)_ for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L_) \n \n**CVEID:** [_CVE-2016-1181_](<https://vulners.com/cve/CVE-2016-1181>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system. \n_CVSS Base Score: 8.1 \nCVSS Temporal Score: See _[__https://exchange.xforce.ibmcloud.com/vulnerabilities/113852__](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113852>)_ for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H_) \n \n**CVEID:** [_CVE-2015-0899_](<https://vulners.com/cve/CVE-2015-0899>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \n_CVSS Base Score: 4.3 \nCVSS Temporal Score: See _[__https://exchange.xforce.ibmcloud.com/vulnerabilities/101770__](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>)_ for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)_\n\n## Affected Products and Versions\n\nIBM C\u00faram Social Program Management 7.0.0.0 - 7.0.1.0 \nIBM C\u00faram Social Program Management 6.2.0.0 - 6.2.0.5 \nIBM C\u00faram Social Program Management 6.1.0.0 - 6.1.1.5 \nIBM C\u00faram Social Program Management 6.0.5.0 - 6.0.5.10\n\n## Remediation/Fixes\n\nProduct\n\n| VRMF| _Remediation/First Fix_ \n---|---|--- \nIBM C\u00faram Social Program Management| 7.0| Visit IBM Fix Central and upgrade to [_7.0.1.1_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=7.0.1.0&platform=All&function=all>) or a subsequent 7.0.1 release \nIBM C\u00faram Social Program Management| 6.2| Visit IBM Fix Central and upgrade to [_6.2.0.6_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=6.2.0.0&platform=All&function=all>) or a subsequent 6.2.0 release \nIBM C\u00faram Social Program Management| 6.1| Visit IBM Fix Central and upgrade to [_6.1.1.6_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=6.1.1.0&platform=All&function=all>) or a subsequent 6.1.1 release \nIBM C\u00faram Social Program Management| 6.0.5| Visit IBM Fix Central and upgrade to [_6.0.5.10 iFix2_](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=Smarter%20Cities&product=ibm/Other+software/Curam+Social+Program+Management&release=6.0.5.10&platform=All&function=all>) or a subsequent 6.0.5 release \n \n## Workarounds and Mitigations\n\nFor information on all other versions please contact C\u00faram Customer Support.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2018-06-17T13:09:41", "type": "ibm", "title": "Security Bulletin: Vulnerability in Apache Struts affects IBM C\u00faram Social Program Management (CVE-2016-1182, CVE-2016-1181, CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182"], "modified": "2018-06-17T13:09:41", "id": "B4BA991763253D738BCAA9AB61AE50E1AA4C20D6F3366D5551C3051C29FEADB2", "href": "https://www.ibm.com/support/pages/node/296843", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-27T21:50:37", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager (SKLM). Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) | WebSphere Application Server Version \n---|---|--- \nIBM Security Key Lifecycle Manager | 4.0 | 9.0.5 \nIBM Security Key Lifecycle Manager | 3.0.1 | 9.0.0.5 \nIBM Security Key Lifecycle Manager | 3.0 | 9.0.0.5 \nIBM Security Key Lifecycle Manager | 2.7 | 9.0.0.1 \n \n## Remediation/Fixes\n\nPlease consult the following bulletins: \n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<https://www.ibm.com/support/pages/security-bulletin-potential-vulnerability-websphere-application-server-cve-2015-0899> \"Security Bulletin: Potential vulnerability in WebSphere Application Server \$CVE-2015-0899\$\" ) \n[Security Bulletin: Classloader Manipulation Vulnerability in IBM WebSphere Application Server CVE-2014-0114](<https://www.ibm.com/support/pages/security-bulletin-classloader-manipulation-vulnerability-ibm-websphere-application-server-cve-2014-0114> \"Security Bulletin: Classloader Manipulation Vulnerability in IBM WebSphere Application Server CVE-2014-0114\" ) \n[Security Bulletin: Vulnerabilities in Apache Struts affects IBM WebSphere Application Server (CVE-2016-1181 and CVE-2016-1182)](<https://www.ibm.com/support/pages/security-bulletin-vulnerabilities-apache-struts-affects-ibm-websphere-application-server-cve-2016-1181-and-cve-2016-1182> \"Security Bulletin: Vulnerabilities in Apache Struts affects IBM WebSphere Application Server \$CVE-2016-1181 and CVE-2016-1182\$\" )\n\nfor vulnerability details and information about fixes.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-09-26T18:24:35", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2015-0899, CVE-2014-0114, CVE-2016-1181 and CVE-2016-1182)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0114", "CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182"], "modified": "2020-09-26T18:24:35", "id": "EB488D986A623E81C07D5F38DFFA754649938084B72DDAA698DEA6B41BB73C49", "href": "https://www.ibm.com/support/pages/node/6338461", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-13T13:34:50", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM WebSphere Service Registry and Repository. Information about security vulnerabilities affecting IBM WebSphere Application Server and WebSphere Application Server UDDI have been published in security bulletins.\n\n## Vulnerability Details\n\nPlease consult the security bulletins:\n\n * [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n * [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>)\n * [Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>)\n * [Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n * [Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2018-1621)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016821>)\n\nfor vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version \n---|--- \nWebSphere Service Registry and Repository V8.5 | WebSphere Application Server V8.5.5 \nWebSphere Service Registry and Repository V8.0 | WebSphere Application Server V8.0 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-05T14:14:56", "type": "ibm", "title": "Security Bulletin: Vulnerabilities identified in IBM WebSphere Application Server and WebSphere Application Server UDDI shipped with IBM WebSphere Service Registry and Repository (CVE-2012-5783, CVE-2015-0899, CVE-2018-1614 and CVE-2018-1621)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2015-0899", "CVE-2018-1614", "CVE-2018-1621"], "modified": "2018-07-05T14:14:56", "id": "BAFE1432B61D78F2B29438C3606D2D46643F4DA3DFC6DD0FB0C4962ECD44C150", "href": "https://www.ibm.com/support/pages/node/713613", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:41:27", "description": "## Summary\n\nThere are multiple vulnerabilities in IBM WebSphere application server that may potentially affect IBM Workload Scheduler. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2018-1621_](<https://vulners.com/cve/CVE-2018-1621>) \n**DESCRIPTION:** IBM WebSphere Application Server could allow a local attacker to obtain clear text password in a trace file caused by improper handling of some datasource custom properties. \nCVSS Base Score: 4.4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/144346_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144346>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [_CVE-2018-1614_](<https://vulners.com/cve/CVE-2018-1614>) \n**DESCRIPTION:** IBM WebSphere Application Server using malformed SAML responses from the SAML identity provider could allow a remote attacker to obtain sensitive information. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/144270_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144270>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2012-5783_](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/79984_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-0899_](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101770_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nThese vulnerabilities in IBM WebSphere application server may potentially affect IBM Workload Scheduler 9,1, 9.2, 9.3 or 9.4. \n\n## Remediation/Fixes\n\nIBM WebSphere has published the following security bulletins to addresses the mentioned vulnerabilities.\n\nFor _[CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) _refer to <http://www-01.ibm.com/support/docview.wss?uid=swg22015348> .\n\nFor _[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) _refer to <http://www-01.ibm.com/support/docview.wss?uid=swg22016216> .\n\nFor _[CVE-2018-1614](<https://vulners.com/cve/CVE-2018-1614>)_ refer to <http://www-01.ibm.com/support/docview.wss?uid=swg22016887> .\n\nFor _[CVE-2018-1621](<https://vulners.com/cve/CVE-2018-1621>)_ refer to <http://www-01.ibm.com/support/docview.wss?uid=swg22016821> .\n\n## Workarounds and Mitigations\n\nN/A\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-19T15:00:50", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in WebSphere application server affect IBM Workload Scheduler", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2015-0899", "CVE-2018-1614", "CVE-2018-1621"], "modified": "2020-06-19T15:00:50", "id": "D66B903250F05C7E6F628063E46BB788B758ACF5470BDBDCE9A7DDCF98ED3362", "href": "https://www.ibm.com/support/pages/node/734305", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:42:09", "description": "## Summary\n\nWebsphere Application Server is shipped with Predictive Customer Intelligence. Information about security vulnerabilities affecting Websphere Application Server has been published in security bulletins.\n\n## Vulnerability Details\n\nPlease consult the security bulletins:\n\n[Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>),\n\n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>),\n\n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>),\n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>)\n\nfor vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPredictive Customer Intelligence versions 1.0, 1.0.1, 1.1, 1.1.1, 1.1.2\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by Websphere Application Server which is/are shipped with Predictive Customer Intelligence.\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin \n---|---|--- \nPredictive Customer Intelligence 1.0 and 1.0.1 | Websphere Application Server 8.5.5 | [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>)\n\n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \n \nPredictive Customer Intelligence 1.1 and 1.1.1 | Websphere Application Server 8.5.5.6 | [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>)\n\n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \n \nPredictive Customer Intelligence 1.1.2 | Websphere Application Server 9.0.0.4 | [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>)\n\n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-11T21:31:00", "type": "ibm", "title": "Security Bulletin: Security Vulnerabilities have been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2012-5783, CVE-2018-1614, CVE-2014-0114, CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2014-0114", "CVE-2015-0899", "CVE-2018-1614"], "modified": "2020-02-11T21:31:00", "id": "0F8C9B43069C04EF8D42F75FA8D42A5837D2A01F1B45F132DD6CE116C7562B83", "href": "https://www.ibm.com/support/pages/node/715391", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-12T21:33:42", "description": "## Summary\n\nIn the WebSphere Application Server where the Rational Asset Manager is deployed, a remote attacker could exploit the vulnerabilities such as spoofing attacks, execute arbitrary codes, exploit sensitive information and so on. Information about these security vulnerabilities affecting WebSphere Application Server has been published in security bulletins.\n\n## Vulnerability Details\n\nRefer to the security bulletin listed in the Remediation/Fixes section.\n\n## Affected Products and Versions\n\nIBM Rational Asset Manager 7.5 and 7.5.3.3. \n\nNOTE: Rational Asset Manager 7.5.2 and later versions does not support embedded WebSphere Application Server.\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS).\n\nAffected Supporting Product | Affected Supporting Product Security Bulletin \n---|--- \nIBM WebSphere Application Server Version 7.0 | [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) \n[Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>) \n[Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2018-1621)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016821>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-18T10:28:59", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in the WebSphere Application Server where the RAM is deployed.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2015-0899", "CVE-2018-1614", "CVE-2018-1621"], "modified": "2018-07-18T10:28:59", "id": "43DA4697F34CF5D5A6799540E74541895D58CA735AF6018C2189B56DA5C5FD59", "href": "https://www.ibm.com/support/pages/node/716055", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T01:39:00", "description": "## Summary\n\nIBM Sterling B2B Integrator Standard Edition has addressed the following multiple vulnerabilities caused by Apach Struts 1.1\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2008-2025](<https://vulners.com/cve/CVE-2008-2025>)** \nDESCRIPTION:** Apache Struts is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/49712> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n\n**CVEID:** [CVE-2014-0114](<https://vulners.com/cve/CVE-2014-0114>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2016-1181](<https://vulners.com/cve/CVE-2016-1181>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113852> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-1182](<https://vulners.com/cve/CVE-2016-1182>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by the improper validation of input by the Validator. An attacker could exploit this vulnerability to modify validation rules and error messages. \nCVSS Base Score: 4.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM Sterling B2B Integrator 5.2\n\n## Remediation/Fixes\n\n**PRODUCT & Version **\n\n| \n\n**APAR**\n\n| \n\n**Remediation/Fix** \n \n---|---|--- \n \nIBM Sterling B2B Integrator 5.2\n\n| IT23546| \n\nApply Fix Pack 5020603_4 available on [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-02-05T00:53:36", "type": "ibm", "title": "Security Bulletin: Multiple Apache Struts Vulnerabilities Affect IBM Sterling B2B Integrator", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2025", "CVE-2014-0114", "CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182"], "modified": "2020-02-05T00:53:36", "id": "71A473993D401FAFDA20A063C958EB3785E06B0F2833BBEB5FA0B1E2E3123139", "href": "https://www.ibm.com/support/pages/node/301933", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-10-01T06:51:49", "description": "## Summary\n\nMultiple vulnerabilities in Apache Struts 1.2.x may affect IBM eDiscovery Manager.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2016-1181](<https://vulners.com/cve/CVE-2016-1181>) \n** DESCRIPTION: **Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/113852](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113852>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2016-1182](<https://vulners.com/cve/CVE-2016-1182>) \n** DESCRIPTION: **Apache Struts could allow a remote attacker to bypass security restrictions, caused by the failure to properly properly restrict the Validator configuration bin ActionServlet.java. An attacker could exploit this vulnerability to modify validation rules and error messages. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/113853](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113853>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2008-2025](<https://vulners.com/cve/CVE-2008-2025>) \n** DESCRIPTION: **Apache Struts is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/49712](<https://exchange.xforce.ibmcloud.com/vulnerabilities/49712>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n** DESCRIPTION: **Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/101770](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2014-0114](<https://vulners.com/cve/CVE-2014-0114>) \n** DESCRIPTION: **Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/92889](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92889>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \neDiscovery Manager| 2.2.2 \n \n## Remediation/Fixes\n\nProduct\n\n| VRM| Remediation \n---|---|--- \nIBM eDiscovery Manager| 2.2.2| \n\nUse IBM eDiscovery Manager 2.2.2.3 [Interim Fix 008](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FInfoSphere+eDiscovery+Manager&fixids=2.2.2.3-EDM-WIN-IF008&source=SAR> \"Interim Fix 008\" ) for Windows\n\nUse IBM eDiscovery Manager 2.2.2.3 [Interim Fix 008](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FInformation+Management%2FInfoSphere+eDiscovery+Manager&fixids=2.2.2.3-EDM-AIX-IF008&source=SAR> \"Interim Fix 008\" ) for AIX \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2023-07-12T09:59:49", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Apache Struts 1.2.x Affect IBM eDiscovery Manager", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2025", "CVE-2014-0114", "CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182"], "modified": "2023-07-12T09:59:49", "id": "E762499CA15D11429E743982AA3F2FC12E2E921DDF0F5987384DC6653A95B9A2", "href": "https://www.ibm.com/support/pages/node/7011371", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:38:57", "description": "## Summary\n\nIBM Sterling File Gateway has addressed the following vulnerabilities caused by Apach Struts 1.1\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2008-2025](<https://vulners.com/cve/CVE-2008-2025>)** \nDESCRIPTION:** Apache Struts is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/49712> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n\n**CVEID:** [CVE-2014-0114](<https://vulners.com/cve/CVE-2014-0114>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2016-1181](<https://vulners.com/cve/CVE-2016-1181>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113852> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-1182](<https://vulners.com/cve/CVE-2016-1182>)** \nDESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by the improper validation of input by the Validator. An attacker could exploit this vulnerability to modify validation rules and error messages. \nCVSS Base Score: 4.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM Sterling File Gateway 2.2 \n\n## Remediation/Fixes\n\n**PRODUCT & Version **\n\n| \n\n**APAR**\n\n| \n\n**Remediation/Fix** \n \n---|---|--- \nIBM Sterling File Gateway 2.2 | IT23546| \n\nApply Fix Pack 5020603_5 available on [_Fix Central_](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-02-05T00:53:36", "type": "ibm", "title": "Security Bulletin: Multiple Apache Struts Vulnerabilities Affect IBM Sterling File Gateway", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2025", "CVE-2014-0114", "CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182"], "modified": "2020-02-05T00:53:36", "id": "1A977E1D46AE4CB4B7068DB341125931FAD75C28D6703503973FFF9BE917887F", "href": "https://www.ibm.com/support/pages/node/301983", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:48:27", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM Security Access Manager for Enterprise Single-Sign On. \nInformation about Security vulnerabilities affecting IBM WebSphere Application Server have been published in security bulletins.\n\n## Vulnerability Details\n\nConsult the following security bulletins for vulnerabilities and information about fixes.\n\n[Security Bulletin: Information disclosure in WebSphere Application Server (CVE-2017-1681)](<http://www-01.ibm.com/support/docview.wss?uid=swg22010419>)\n\n[Security Bulletin: Potential Privilege Escalation in WebSphere Application Server Admin Console (CVE-2017-1731)](<http://www-01.ibm.com/support/docview.wss?uid=swg22012345>)\n\n[Security Bulletin: Information disclosure in WebSphere Application Server Admin Console (CVE-2017-1741)](<http://www-01.ibm.com/support/docview.wss?uid=swg22012342>)\n\n[Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2017-1743)](<http://www-01.ibm.com/support/docview.wss?uid=swg22013601>)\n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>)\n\n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n\n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>)\n\n[Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2018-1621)](<https://www-01.ibm.com/support/docview.wss?uid=swg22016821>)\n\n## Affected Products and Versions\n\nProduct Affected and versions | Product Fixed in and versions \n---|--- \nISAM ESSO 8.2.0, | WAS Version 7.0 \nISAM ESSO 8.2.1, 8.2.2 | WAS Version 7.0 & 8.0.0.5 \n \n## Remediation/Fixes\n\nSee Product Bulletins\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-15T17:24:03", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities found in products bundled with IBM Security Access Manager for Enterprise Single-Sign On", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2017-1681", "CVE-2017-1731", "CVE-2017-1741", "CVE-2017-1743", "CVE-2018-1614", "CVE-2018-1621"], "modified": "2018-08-15T17:24:03", "id": "8B65B2D389AC6D4B8DDABDC2C07AD570BA3BE907EA6FA4F956423A3FB683FF0C", "href": "https://www.ibm.com/support/pages/node/715649", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-05-11T15:13:38", "description": "## Summary\n\nMultiple vulnerabilities in WebSphere Application Server traditional bundled with IBM Jazz Team Server based Applications affect the following products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM) and Rational Software Architect Design Manager (RSA DM).\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2014-0114_](<https://vulners.com/cve/CVE-2014-0114>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/92889_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92889>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [_CVE-2012-1007_](<https://vulners.com/cve/CVE-2012-1007>) \n**DESCRIPTION:** Apache Struts is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the upload-submit.do, processSimple.do and struts-cookbook/processDyna.do scripts. A remote attacker could exploit this vulnerability using the name or message parameter in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/73052_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/73052>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2016-1182_](<https://vulners.com/cve/CVE-2016-1182>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by the failure to properly properly restrict the Validator configuration bin ActionServlet.java. An attacker could exploit this vulnerability to modify validation rules and error messages. \nCVSS Base Score: 4.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113853_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113853>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n**CVEID:** [_CVE-2016-1181_](<https://vulners.com/cve/CVE-2016-1181>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/113852_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113852>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [_CVE-2012-5783_ ](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/79984_ ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2018-1614_ ](<https://vulners.com/cve/CVE-2018-1614>) \n**DESCRIPTION:** IBM WebSphere Application Server using malformed SAML responses from the SAML identity provider could allow a remote attacker to obtain sensitive information. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/144270_ ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144270>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2018-1621_ ](<https://vulners.com/cve/CVE-2018-1621>) \n**DESCRIPTION:** IBM WebSphere Application Server could allow a local attacker to obtain clear text password in a trace file caused by improper handling of some datasource custom properties. \nCVSS Base Score: 4.4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/144346_ ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144346>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nRational Collaborative Lifecycle Management 5.0 - 6.0.6 \n \nRational Quality Manager 5.0 - 5.0.2 \nRational Quality Manager 6.0 - 6.0.6 \n \nRational Team Concert 5.0 - 5.0.2 \nRational Team Concert 6.0 - 6.0.6 \n \nRational DOORS Next Generation 5.0 - 5.0.2 \nRational DOORS Next Generation 6.0 - 6.0.6 \n \nRational Engineering Lifecycle Manager 5.0 - 5.0.2 \nRational Engineering Lifecycle Manager 6.0 - 6.0.6 \n \nRational Rhapsody Design Manager 5.0 - 5.0.2 \nRational Rhapsody Design Manager 6.0 - 6.0.6 \n \nRational Software Architect Design Manager 5.0 - 5.0.2 \nRational Software Architect Design Manager 6.0 - 6.0.1\n\n## Remediation/Fixes\n\nThe IBM Jazz Team Server based Applications bundle different versions of IBM WebSphere Application Server with the available versions of the products, and in addition to the bundled version some previous versions of WAS are also supported. For a remediation follow the WAS security bulletin appropriately.\n\nFor vulnerability details/affected versions/Remediation and fixes, review the Security Bulletins:\n\n * [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www.ibm.com/support/docview.wss?uid=swg22015348>)\n * [Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www.ibm.com/support/docview.wss?uid=swg22016214>)\n * [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www.ibm.com/support/docview.wss?uid=swg22016216>)\n * [Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www.ibm.com/support/docview.wss?uid=swg22016887>)\n * [Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2018-1621)](<http://www.ibm.com/support/docview.wss?uid=swg22016821>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2021-04-28T18:35:50", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Rational products based on IBM Jazz technology", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1007", "CVE-2012-5783", "CVE-2014-0114", "CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182", "CVE-2018-1614", "CVE-2018-1621"], "modified": "2021-04-28T18:35:50", "id": "3D8540513E9389E52505EF4CCF99C1FC5DC8928BFA49128170D48087D1264725", "href": "https://www.ibm.com/support/pages/node/717509", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-22T01:46:58", "description": "## Summary\n\nThe following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring (ITM) portal server. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>)\n\n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>)\n\n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2018-1643](<https://vulners.com/cve/CVE-2018-1643>)\n\n**DESCRIPTION:** The Installation Verification Tool of IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144588> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-1567](<https://vulners.com/cve/CVE-2018-1567>)\n\n**DESCRIPTION:** IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143024>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-1621](<https://vulners.com/cve/CVE-2018-1621>)\n\n**DESCRIPTION:** IBM WebSphere Application Server could allow a local attacker to obtain clear text password in a trace file caused by improper handling of some datasource custom properties. \nCVSS Base Score: 4.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144346>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1695](<https://vulners.com/cve/CVE-2018-1695>)\n\n**DESCRIPTION:** IBM WebSphere Application Server installations using Form Login could allow a remote attacker to conducts spoofing attacks. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145769>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-1770](<https://vulners.com/cve/CVE-2018-1770>)\n\n**DESCRIPTION:** IBM WebSphere Application Server could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148686>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1797](<https://vulners.com/cve/CVE-2018-1797>)\n\n**DESCRIPTION:** IBM WebSphere Application Server using Enterprise bundle Archives (EBA) could allow a local attacker to traverse directories on the system. By persuading a victim to extract a specially-crafted ZIP archive containing \"dot dot slash\" sequences (../), an attacker could exploit this vulnerability to write to arbitrary files on the system. Note: This vulnerability is known as \"Zip-Slip\". \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/149427>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2014-7810](<https://vulners.com/cve/CVE-2014-7810>)\n\n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of expression language. An attacker could exploit this vulnerability to bypass the protections of a Security Manager.\n\nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103155>\n\nfor the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/\n\n## Affected Products and Versions\n\nIBM Tivoli Monitoring versions 6.3.0 through 6.3.0 FP7 - Tivoli Enterprise Portal Server (TEPS) all CVEs above. \n \nIBM Tivoli Monitoring versions 6.2.3 through 6.2.3 FP5 - Tivoli Enterprise Portal Server (TEPS) all CVE's except for CVE-2018-1643 and CVE-2018-1797\n\n## Remediation/Fixes\n\n**_Fix_**\n\n| **_VMRF_** | **_Remediation/First Fix_** \n---|---|--- \n6.X.X-TIV-ITM_TEPS_EWAS_8.0.15.02 | 6.3.0.x | <https://www.ibm.com/support/docview.wss?uid=ibm10869914> \nTechnote | 6.2.3.x | <http://www.ibm.com/support/docview.wss?uid=swg21633720> \n \nContains information and script which the details for downloading and installing the embedded WebSphere Application Server (eWAS) patches for IBM Tivoli Monitoring 6.23. The scripts provided are for supported unix, linux and windows platforms. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-07T20:40:01", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2014-7810", "CVE-2015-0899", "CVE-2018-1567", "CVE-2018-1621", "CVE-2018-1643", "CVE-2018-1695", "CVE-2018-1770", "CVE-2018-1797"], "modified": "2019-02-07T20:40:01", "id": "F15BA9EC0C1FC4624C7DDC90D046A7A3558B86CF13B121A8778B5BA8562491DC", "href": "https://www.ibm.com/support/pages/node/796180", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:44:42", "description": "## Summary\n\nThere are multiple security vulnerabilities that affect IBM WebSphere Application Server in IBM Cloud.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-1743](<https://vulners.com/cve/CVE-2017-1743>) \n**DESCRIPTION:** IBM WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console panel fields. When exploited an attacker could browse the file system. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/134933> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2018-1447](<https://vulners.com/cve/CVE-2018-1447>) \n**DESCRIPTION:** The GSKit CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords. A weak password may be recovered. Note: After update the customer should change password to ensure the new password is stored more securely. Products should encourage customers to take this step as a high priority action. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139972> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1553](<https://vulners.com/cve/CVE-2018-1553>) \n**DESCRIPTION:** IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79984> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2014-0114](<https://vulners.com/cve/CVE-2014-0114>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2012-1007](<https://vulners.com/cve/CVE-2012-1007>) \n**DESCRIPTION:** Apache Struts is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the upload-submit.do, processSimple.do and struts-cookbook/processDyna.do scripts. A remote attacker could exploit this vulnerability using the name or message parameter in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/73052> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2016-1182](<https://vulners.com/cve/CVE-2016-1182>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by the failure to properly properly restrict the Validator configuration bin ActionServlet.java. An attacker could exploit this vulnerability to modify validation rules and error messages. \nCVSS Base Score: 4.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n**CVEID:** [CVE-2016-1181](<https://vulners.com/cve/CVE-2016-1181>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113852> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2017-3732](<https://vulners.com/cve/CVE-2017-3732>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagating bug in the x86_64 Montgomery squaring procedure. An attacker could exploit this vulnerability to obtain information about the private key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/121313> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2017-3736](<https://vulners.com/cve/CVE-2017-3736>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagation flaw in the x86_64 Montgomery squaring function bn_sqrx8x_internal(). An attacker with online access to an unpatched system could exploit this vulnerability to obtain information about the private key. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/134397> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1427](<https://vulners.com/cve/CVE-2018-1427>) \n**DESCRIPTION:** IBM GSKit contains several enviornment variables that a local attacker could overflow and cause a denial of service. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139072> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1426](<https://vulners.com/cve/CVE-2018-1426>) \n**DESCRIPTION:** IBM GSKit duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139071> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\n**CVEID:** [_CVE-2016-0702_](<https://vulners.com/cve/CVE-2016-0702>) \n**DESCRIPTION:** OpenSSL could allow a local attacker to obtain sensitive information, caused by a side-channel attack against a system based on the Intel Sandy-Bridge microarchitecture. An attacker could exploit this vulnerability to recover RSA keys. \nCVSS Base Score: 2.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/111144_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111144>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions and releases of IBM WebSphere Application Server: \nLiberty \nVersion 9.0 \nVersion 8.5\n\n## Remediation/Fixes\n\nTo patch an existing service instance refer to the IBM WebSphere Application Server bulletins listed below:\n\n1\\. [Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2017-1743)](<http://www-01.ibm.com/support/docview.wss?uid=swg22013601>)\n\n2\\. [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>)\n\n3\\. [ Security Bulletin: Multiple vulnerabilities GSKit bundled with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>)\n\n4\\. [Security Bulletin: Information disclosure in WebSphere Application Server Liberty (CVE-2018-1553)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016218>)\n\n5\\. [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n6\\. [Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n\n7\\. [Security Bulletin: Multiple vulnerabilities GSKit bundled with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>)\n\nAlternatively, delete the vulnerable service instance and create a new instance. \n\n\n## Workarounds and Mitigations\n\nnone.\n\n## Monitor IBM Cloud Status for Future Security Bulletins\n\nMonitor the [security notifications](<https://cloud.ibm.com/status?selected=security>) on the IBM Cloud Status page to be advised of future security bulletins.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n20 July 2018: original document published \n28 January 2019: Added CVE-2016-0702 to vulnerability details\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nReview the [IBM security bulletin disclaimer and definitions](<https://www.ibm.com/support/pages/node/6610583#disclaimer>) regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSKKCK\",\"label\":\"IBM WebSphere Application Server in IBM Cloud\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"All Versions\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB36\",\"label\":\"IBM Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-01-28T14:05:02", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities affect IBM WebSphere Application Server in IBM Cloud", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1007", "CVE-2012-5783", "CVE-2014-0114", "CVE-2015-0899", "CVE-2016-0702", "CVE-2016-1181", "CVE-2016-1182", "CVE-2017-1743", "CVE-2017-3732", "CVE-2017-3736", "CVE-2018-1426", "CVE-2018-1427", "CVE-2018-1447", "CVE-2018-1553"], "modified": "2019-01-28T14:05:02", "id": "DEAFA2DB54593AA80919E191E6F6089E8FC07DD6414224DF7420DF6F55DF4BC8", "href": "https://www.ibm.com/support/pages/node/717691", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:44:47", "description": "## Summary\n\nIBM Business Process Manager is shipped as a component of IBM Cloud Orchestrator, IBM Cloud Orchestrator Enterprise, IBM SmartCloud Orchestrator, and IBM SmartCloud Orchestrator Enterprise.\n\n## Vulnerability Details\n\nReview the following security bulletins for IBM Business Process Manager for vulnerability details and information about fixes. \n \n\n\n * [Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server, WebSphere Dynamic Process Edition, and WebSphere Lombardi Edition](<http://www-01.ibm.com/support/docview.wss?uid=swg21986205>)\n * [IBM Security Bulletin: Cross Site Scripting vulnerability in IBM Business Process Manager (CVE-2016-5901)](<http://www-01.ibm.com/support/docview.wss?uid=swg21990852>)\n * [IBM Security Bulletin: HTML injection vulnerability in Business Space might affect IBM Business Process Manager (CVE-2016-3056)](<http://www-01.ibm.com/support/docview.wss?uid=swg21990850>)\n * [IBM Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect IBM Business Process Manager (BPM) Configuration Editor (CVE-2014-9748, CVE-2016-1669)](<http://www-01.ibm.com/support/docview.wss?uid=swg21990841>)\n * [IBM Security Bulletin: Security vulnerabilities in Apache Struts might affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-1181, CVE-2016-1182, CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg21990834>)\n[](<http://www-01.ibm.com/support/docview.wss?uid=swg21985316>)\n\n * [Security Bulletin: A Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (CVE-2015-0254)](<http://www-01.ibm.com/support/docview.wss?uid=swg21985316>)\n * [Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (Java CPU April 2016)](<http://www-01.ibm.com/support/docview.wss?uid=swg21982559>)\n * [Security Bulletin: A Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (CVE-2016-0306)](<http://www-01.ibm.com/support/docview.wss?uid=swg21981008>)\n * [Security Bulletin: Multiple security vulnerabilities in Business Space affect IBM Business Process Manager and WebSphere Process Server (CVE-2015-7407, CVE-2015-7400, CVE-2015-7454)](<http://www-01.ibm.com/support/docview.wss?uid=swg21972005>)\n * [Security Bulletin: Cross-Site scripting vulnerability in IBM Business Process Manager document list control (CVE-2016-0227)](<http://www-01.ibm.com/support/docview.wss?uid=swg21978058>)\n \n\n\n * [Security Bulletin: Multiple Cross-Site scripting vulnerabilities in IBM Business Process Manager Process Portal (CVE-2015-8524)](<http://www-01.ibm.com/support/docview.wss?uid=swg21974472>) ** \n**\n * [Security Bulletin: IBM Business Process Manager authorization checks for process and task deletion are insufficient (CVE-2015-7463)](<http://www-01.ibm.com/support/docview.wss?uid=swg21973442>)\n * [Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2016-0483, CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)](<http://www-01.ibm.com/support/docview.wss?uid=swg21977021>)\n \n\n\n * [Security Bulletin: A Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager, WebSphere Process Server and WebSphere Lombardi Edition (CVE-2015-7417)](<http://www.ibm.com/support/docview.wss?uid=swg21975121&myns=swgws&mynp=OCSSFTDH&mynp=OCSSFTBX&mynp=OCSSFTN5&mynp=OCSSFPRP&mynp=OCSSQH9M&mync=E&cm_sp=swgws-_-OCSSFTDH-OCSSFTBX-OCSSFTN5-OCSSFPRP-OCSSQH9M-_-E>) \n \n\n * [Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Process Designer used in IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2015-2613, CVE-2015-2601, CVE-2015-4749, CVE-2015-2625, CVE-2015-1931, CVE-2015-4872)](<http://www-01.ibm.com/support/docview.wss?uid=swg21972165>) \n \n\n * [Security Bulletin: Vulnerabilities in IBM SDK for Node.js affect IBM Business Process Manager Configuration Editor (CVE-2015-8027, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196)](<http://www-01.ibm.com/support/docview.wss?uid=swg21974459>) \n \n\n * [Security Bulletin: Vulnerability in Apache Commons affects IBM Business Process Manager (CVE-2015-7450)](<http://www.ibm.com/support/docview.wss?uid=swg21972046>) \n \n\n * [Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2015-7450, CVE-2015-2017, CVE-2015-4872, CVE-2015-4734, CVE-2015-5006)](<http://www.ibm.com/support/docview.wss?uid=swg21970332>) \n \n\n * [Security Bulletin: Multiple Cross-Site scripting vulnerabilities in IBM Business Process Manager dashboards (CVE-2015-4955)](<http://www.ibm.com/support/docview.wss?uid=swg21966010>) \n \n\n * [Security Bulletin: IBM Business Process Manager (BPM) document store is susceptible to XXE (XML External Entity) attacks. (CVE-2013-5452)](<http://www.ibm.com/support/docview.wss?uid=swg21963014>)[ \n \n](<http://www.ibm.com/support/docview.wss?uid=swg21965001>)\n * [Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2015-1932, CVE-2015-4938, CVE-2015-1946)](<http://www.ibm.com/support/docview.wss?uid=swg21965001>) \n \n\n * [Security Bulletin: Missing authorization concept for document upload and download in IBM Business Process Manager (BPM) CMIS integration (CVE-2015-1904)](<http://www.ibm.com/support/docview.wss?uid=swg21960293>) \n \n\n * [Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager and WebSphere Lombardi Edition (Java CPU July 2015 - CVE-2015-2613, CVE-2015-2601, CVE-2015-4749, CVE-2015-2625, CVE-2015-1931)](<http://www.ibm.com/support/docview.wss?uid=swg21962805>) \n \n\n * [Security Bulletin: Multiple security vulnerabilities in ElasticSearch might affect Process Federation Server (PFS) in IBM Business Process Manager (BPM) - CVE-2015-5531, CVE-2015-5377](<http://www.ibm.com/support/docview.wss?uid=swg21964010>)[ \n \n](<http://www.ibm.com/support/docview.wss?uid=swg21697944>)\n * [Security Bulletin: Cross-site scripting vulnerabilities in IBM Business Process Manager (BPM) and WebSphere Lombardi Edition (WLE) error handling (CVE-2015-0193)](<http://www.ibm.com/support/docview.wss?uid=swg21697944>)[ \n](<http://www.ibm.com/support/docview.wss?uid=swg21699938>)\n * [Security Bulletin: Vulnerabilities in IBM SDK for Node.js affect IBM Business Process Manager Configuration Editor (CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206) \n \n](<http://www.ibm.com/support/docview.wss?uid=swg21699938>)\n * [Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2015-1885, CVE-2015-1946, CVE-2015-1927)](<http://www.ibm.com/support/docview.wss?uid=swg21699938>)[ \n \n](<http://www.ibm.com/support/docview.wss?uid=swg21903346>)\n * [Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Business Process Manager (BPM), WebSphere Process Server (WPS), and WebSphere Lombardi Edition (WLE): CVE-2015-1920](<http://www.ibm.com/support/docview.wss?uid=swg21903346>) \n \n\n * [Security Bulletin: Multiple vulnerabilities in IBM SDK Java\u2122 Technology Edition affect IBM Business Process Manager and WebSphere Lombardi Edition April 2015 CPU (CVE-2015-0488, CVE-2015-0478, CVE-2015-1916)](<http://www.ibm.com/support/docview.wss?uid=swg21959306>) \n \n\n * [Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect WebSphere Lombardi Edition and IBM Business Process Manager (CVE-2015-4000)](<http://www.ibm.com/support/docview.wss?uid=swg21959097>) \n \n\n * [Security Bulletin: Vulnerability in RC4 stream cipher affects WebSphere Lombardi Edition and IBM Business Process Manager (CVE-2015-2808)](<http://www.ibm.com/support/docview.wss?uid=swg21882624>)[ \n \n](<http://www.ibm.com/support/docview.wss?uid=swg21699935>)\n * [Security Bulletin: Multiple vulnerabilities in IBM SDK Java\u2122 Technology Edition affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2015-0138 CVE-2014-6593 CVE-2015-0400 CVE-2015-0410)](<http://www.ibm.com/support/docview.wss?uid=swg21699935>) \n \n\n * [Security Bulletin: Multiple vulnerabilities in IBM SDK for Java Technology Edition affect IBM Business Process Manager and WebSphere Lombardi Edition (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558, CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21692787>) \n \n\n * [Security Bulletin: Vulnerability in SSLv3 affects IBM Business Process Manager (CVE-2014-3566)](<http://www.ibm.com/support/docview.wss?uid=swg21689466>) \n \n\n * [Security Bulletin: TLS padding vulnerability affects IBM HTTP Server shipped with IBM Business Process Manager family products (CVE-2014-8730)](<http://www.ibm.com/support/docview.wss?uid=swg21692582>)\n * * Security Bulletin: Cross-Site Scripting vulnerabilities in Dojo affect IBM Business Process Manager (BPM), WebSphere Lombardi Edition (WLE), and WebSphere Process Server (WPS) - CVE-2014-8917\n\n## Affected Products and Versions\n\n** Principal Product and Version**\n\n| ** Affected Supporting Product and Version** \n---|--- \nIBM Cloud Orchestrator 2.5, 2.5.0.1, 2.5.0.1 Interim Fix1, 2.5.0.2 \nIBM Cloud Orchestrator Enterprise 2.5.0.1, 2.5.0.1 Interim Fix1, 2.5.0.2| IBM Business Process Manager Standard 8.5.6 \nIBM Cloud Orchestrator 2.4, 2.4.0.1, 2.4.0.2, 2.4.0.3 \n\nIBM Cloud Orchestrator Enterprise 2.4, 2.4.0.1, 2.4.0.2, 2.4.0.3\n\n| IBM Business Process Manager Standard 8.5.0.1 \nIBM SmartCloud Orchestrator 2.3 and 2.3.0.1 \n\nIBM SmartCloud Orchestrator Enterprise 2.3 and 2.3.0.1\n\n| IBM Business Process Manager Standard 8.5 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-17T22:30:51", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in IBM Business Process Manager shipped with IBM Cloud Orchestrator and IBM SmartCloud Orchestrator", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5452", "CVE-2014-3566", "CVE-2014-3569", "CVE-2014-3570", "CVE-2014-3571", "CVE-2014-3572", "CVE-2014-6457", "CVE-2014-6512", "CVE-2014-6558", "CVE-2014-6593", "CVE-2014-8275", "CVE-2014-8730", "CVE-2014-8917", "CVE-2014-9748", "CVE-2015-0138", "CVE-2015-0193", "CVE-2015-0204", "CVE-2015-0205", "CVE-2015-0206", "CVE-2015-0254", "CVE-2015-0400", "CVE-2015-0410", "CVE-2015-0478", "CVE-2015-0488", "CVE-2015-0899", "CVE-2015-1885", "CVE-2015-1904", "CVE-2015-1916", "CVE-2015-1920", "CVE-2015-1927", "CVE-2015-1931", "CVE-2015-1932", "CVE-2015-1946", "CVE-2015-2017", "CVE-2015-2601", "CVE-2015-2613", "CVE-2015-2625", "CVE-2015-2808", "CVE-2015-3194", "CVE-2015-3195", "CVE-2015-3196", "CVE-2015-4000", "CVE-2015-4734", "CVE-2015-4749", "CVE-2015-4872", "CVE-2015-4938", "CVE-2015-4955", "CVE-2015-5006", "CVE-2015-5377", "CVE-2015-5531", "CVE-2015-7400", "CVE-2015-7407", "CVE-2015-7417", "CVE-2015-7450", "CVE-2015-7454", "CVE-2015-7463", "CVE-2015-7575", "CVE-2015-8027", "CVE-2015-8524", "CVE-2016-0227", "CVE-2016-0306", "CVE-2016-0448", "CVE-2016-0466", "CVE-2016-0475", "CVE-2016-0483", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-1669", "CVE-2016-3056", "CVE-2016-5901"], "modified": "2018-06-17T22:30:51", "id": "104BE807C8577FF816DF414B5A588FABB581711BB54758F6F49C7CAC17CD68BE", "href": "https://www.ibm.com/support/pages/node/261377", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-23T21:43:51", "description": "## Summary\n\nMultiple security vulnerabilities have been identified and fixed in the IBM Security Privileged Identity Manager Appliance.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-1049](<https://vulners.com/cve/CVE-2018-1049>) \n**DESCRIPTION:** Systemd is vulnerable to a denial of service, caused by a race condition between .mount and .automount units. A remote authenticated attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138105> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-3738](<https://vulners.com/cve/CVE-2017-3738>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. An attacker could exploit this vulnerability to obtain information about the private key. Note: In order to exploit this vulnerability, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. \nCVSS Base Score: 3.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136078> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2017-3737](<https://vulners.com/cve/CVE-2017-3737>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to bypass security restrictions, caused by a flaw in the \\\"error state\\\" mechanism when directly calling SSL_read() or SSL_write() for an SSL object after receiving a fatal error. An attacker could exploit this vulnerability to bypass the decryption or encryption process and perform unauthorized actions. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136077> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2017-3736](<https://vulners.com/cve/CVE-2017-3736>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagation flaw in the x86_64 Montgomery squaring function bn_sqrx8x_internal(). An attacker with online access to an unpatched system could exploit this vulnerability to obtain information about the private key. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/134397> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2017-6464](<https://vulners.com/cve/CVE-2017-6464>) \n**DESCRIPTION:** NTP is vulnerable to a denial of service. A remote authenticated attacker could exploit this vulnerability using a malformed mode configuration directive to cause the application to crash. \nCVSS Base Score: 4.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/123610> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-6463](<https://vulners.com/cve/CVE-2017-6463>) \n**DESCRIPTION:** NTP is vulnerable to a denial of service. By sending an invalid setting, a remote authenticated attacker could exploit this vulnerability using the :config directive to cause the daemon to crash. \nCVSS Base Score: 4.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/123612> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-6462](<https://vulners.com/cve/CVE-2017-6462>) \n**DESCRIPTION:** NTP is vulnerable to a denial of service, caused by a buffer overflow in the legacy Datum Programmable Time Server refclock driver. By sending specially crafted packets, a local authenticated attacker could exploit this vulnerability to overflow a buffer and cause a denial of service. \nCVSS Base Score: 1.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/123611> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-3639](<https://vulners.com/cve/CVE-2018-3639>) \n**DESCRIPTION:** Multiple Intel CPU's could allow a local attacker to obtain sensitive information, caused by utilizing sequences of speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to bypass security restrictions and gain read access to privileged memory. Note: This vulnerability is the Speculative Store Bypass (SSB), also known as Variant 4 or \"SpectreNG\". \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143569> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2017-11368](<https://vulners.com/cve/CVE-2017-11368>) \n**DESCRIPTION:** MIT Kerberos 5 is vulnerable to a denial of service, caused by a KDC assertion failure. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to cause memory allocation failure. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130207> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-7562](<https://vulners.com/cve/CVE-2017-7562>) \n**DESCRIPTION:** MIT krb5 could allow a remote authenticated attacker to bypass security restrictions, caused by the improper validation of a forged certificate EKU and SAN. An attacker could exploit vulnerability to gain unauthorized access to the system to impersonate arbitrary principals under rare and erroneous circumstances. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143332> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2017-1000407](<https://vulners.com/cve/CVE-2017-1000407>) \n**DESCRIPTION:** Linux Kernel, built with the KVM virtualization(CONFIG_KVM) support, is vulnerable to a denial of service, caused by improper validation of user-supplied input at the diagnostic port. By flooding the diagnostic port 0x80, a remote authenticated attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136235> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-18017](<https://vulners.com/cve/CVE-2017-18017>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c. By leveraging the presence of xt_TCPMSS in an iptables action, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137122> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-15116](<https://vulners.com/cve/CVE-2017-15116>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by NULL pointer dereference in the rngapi_reset function in crypto/rng.c. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135735> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2017-15670](<https://vulners.com/cve/CVE-2017-15670>) \n**DESCRIPTION:** GNU C Library is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the glob function in glob.c. By sending a specially-crafted string, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/133915> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2017-12132](<https://vulners.com/cve/CVE-2017-12132>) \n**DESCRIPTION:** GNU C Library (aka glibc or libc6) could allow a remote attacker to conduct spoofing attacks, caused by a flaw in the DNS stub resolver. An attacker could exploit this vulnerability to perform off-path DNS spoofing attacks. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/129949> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2015-5180](<https://vulners.com/cve/CVE-2015-5180>) \n**DESCRIPTION:** glibc is vulnerable to a denial of service, caused by a NULL pointer dereference in the res_query function in libresolv. By using a malformed pattern, a remote attacker could cause the process to crash. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130620> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1000199](<https://vulners.com/cve/CVE-2018-1000199>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a ptrace() error handling flaw. By invoking the modify_user_hw_breakpoint() function, a local attacker could exploit this vulnerability to cause the kernel to crash. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142654> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-8897](<https://vulners.com/cve/CVE-2018-8897>) \n**DESCRIPTION:** Multiple operating systems could allow a local authenticated attacker to gain elevated privileges on the system, caused by developer interpretation of hardware debug exception documentation for the MOV to SS and POP SS instructions. An attacker could exploit this vulnerability using operating system APIs to obtain sensitive memory information or control low-level operating system functions and other unexpected behavior. \nCVSS Base Score: 7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142242> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-1091](<https://vulners.com/cve/CVE-2018-1091>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a missing processor feature check in the flush_tmregs_to_thread function. A local attacker could exploit this vulnerability to cause the guest kernel to crash. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140892> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1087](<https://vulners.com/cve/CVE-2018-1087>) \n**DESCRIPTION:** Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the improper handling of exceptions delivered after a stack switch operation using the MOV to SS and POP SS instructions by the KVM hypervisor. An attacker could exploit this vulnerability to gain elevated privileges or cause the guest to crash. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142976> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-1068](<https://vulners.com/cve/CVE-2018-1068>) \n**DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an error in the implementation of 32 bit syscall interface. An attacker could exploit this vulnerability to gain root privileges on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140403> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2017-16939](<https://vulners.com/cve/CVE-2017-16939>) \n**DESCRIPTION:** Linux Kernel could allow a remote attacker to gain elevated privileges on the system, caused by an use-after-free in the Netlink socket subsystem XFRM. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain privileges. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135317> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-1113](<https://vulners.com/cve/CVE-2018-1113>) \n**DESCRIPTION:** Setup Project could allow a remote attacker to bypass security restrictions, caused by an issue with adding /sbin/nologin and /usr/sbin/nologin to /etc/shells. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147843> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2018-0494](<https://vulners.com/cve/CVE-2018-0494>) \n**DESCRIPTION:** GNU Wget could allow a remote attacker to bypass security restrictions, caused by the failure to properly process Set-Cookie responses. By sending a specially-crafted Set-Cookie -header request, an attacker could exploit this vulnerability to inject arbitrary cookies into the cookie jar file and set and modify cookies on the target system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142899> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2017-1000050](<https://vulners.com/cve/CVE-2017-1000050>) \n**DESCRIPTION:** JasPer is vulnerable to a denial of service, caused by a NULL pointer exception in the jp2_encode function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/130253> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2016-9396](<https://vulners.com/cve/CVE-2016-9396>) \n**DESCRIPTION:** JasPer is vulnerable to a denial of service, caused by an error in the JPC_NOMINALGAIN function in jpc_t1cod.c. By using unspecified vectors, an attacker could exploit this vulnerability to trigger an assertion failure. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/123690> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1061](<https://vulners.com/cve/CVE-2018-1061>) \n**DESCRIPTION:** Python is vulnerable to a denial of service, caused by catastrophic backtracking in the difflib.IS_LINE_JUNK method. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145115> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1060](<https://vulners.com/cve/CVE-2018-1060>) \n**DESCRIPTION:** Python is vulnerable to a denial of service, caused by catastrophic backtracking in the pop3lib''s apop() method. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145116> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-10846](<https://vulners.com/cve/CVE-2018-10846>) \n**DESCRIPTION:** GnuTLS could allow a local authenticated attacker to obtain sensitive information, caused by a cache-based side channel issue. By using a combination of Just in Time Prime+probe attack in combination with Lucky-13 attack, a remote attacker could exploit this vulnerability to recover plain text and obtain information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148725> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-10845](<https://vulners.com/cve/CVE-2018-10845>) \n**DESCRIPTION:** GnuTLS could allow a remote attacker to obtain sensitive information, caused by a flaw in the implementation of HMAC-SHA-384. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to obtain information. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148730> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-10844](<https://vulners.com/cve/CVE-2018-10844>) \n**DESCRIPTION:** GnuTLS could allow a remote attacker to obtain sensitive information, caused by a flaw in the implementation of HMAC-SHA-256. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to obtain information. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148731> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-5730](<https://vulners.com/cve/CVE-2018-5730>) \n**DESCRIPTION:** MIT krb5 could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the LDAP Kerberos database. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass DN container check. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139970> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2018-5729](<https://vulners.com/cve/CVE-2018-5729>) \n**DESCRIPTION:** MIT krb5 is vulnerable to a denial of service, caused by a NULL pointer dereference in the LDAP Kerberos database. By sending specially-crafted data, a remote authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139969> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-5391](<https://vulners.com/cve/CVE-2018-5391>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by the improper handling of the reassembly of fragmented IPv4 and IPv6 packets by the IP implementation. By sending specially crafted IP fragments with random offsets, a remote attacker could exploit this vulnerability to exhaust all available CPU resources and cause a denial of service. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148388> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-15688](<https://vulners.com/cve/CVE-2018-15688>) \n**DESCRIPTION:** systemd is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the dhcp6 client. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152041> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-1618](<https://vulners.com/cve/CVE-2018-1618>) \n**DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. \nCVSS Base Score: 7.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144343> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1640](<https://vulners.com/cve/CVE-2018-1640>) \n**DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144580> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-1680](<https://vulners.com/cve/CVE-2018-1680>) \n**DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145236> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1680](<https://vulners.com/cve/CVE-2018-1680>) \n**DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/145236> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1622](<https://vulners.com/cve/CVE-2018-1622>) \n**DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144348> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-1623](<https://vulners.com/cve/CVE-2018-1623>) \n**DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance allows web pages to be stored locally which can be read by another user on the system. \nCVSS Base Score: 4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144408> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-1626](<https://vulners.com/cve/CVE-2018-1626>) \n**DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. \nCVSS Base Score: 3.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144411> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-1625](<https://vulners.com/cve/CVE-2018-1625>) \n**DESCRIPTION:** IBM Security Privileged Identity Manager Virtual Appliance generates an error message that includes sensitive information about its environment, users, or associated data. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144410> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-5725](<https://vulners.com/cve/CVE-2016-5725>) \n**DESCRIPTION:** JSch could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to the implementation for recursive sftp-get containing \"dot dot\" sequences (/../) to download the malicious files outside the client download base directory. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117122> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\n#### CVE Information: (copy/paste-able; will update after page submission. Provided by system to make it easy to cut and paste data.)\n\n**CVEID:** [CVE-2016-1182](<https://vulners.com/cve/CVE-2016-1182>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by the failure to properly properly restrict the Validator configuration bin ActionServlet.java. An attacker could exploit this vulnerability to modify validation rules and error messages. \nCVSS Base Score: 4.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113853> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n**CVEID:** [CVE-2016-1181](<https://vulners.com/cve/CVE-2016-1181>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113852> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0114](<https://vulners.com/cve/CVE-2014-0114>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/101770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2016-0705](<https://vulners.com/cve/CVE-2016-0705>) \n**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a double-free error when parsing DSA private keys. An attacker could exploit this vulnerability to corrupt memory and cause a denial of service. \nCVSS Base Score: 3.7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111140> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2017-3732](<https://vulners.com/cve/CVE-2017-3732>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagating bug in the x86_64 Montgomery squaring procedure. An attacker could exploit this vulnerability to obtain information about the private key. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/121313> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2017-3736](<https://vulners.com/cve/CVE-2017-3736>) \n**DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by a carry propagation flaw in the x86_64 Montgomery squaring function bn_sqrx8x_internal(). An attacker with online access to an unpatched system could exploit this vulnerability to obtain information about the private key. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/134397> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1428](<https://vulners.com/cve/CVE-2018-1428>) \n**DESCRIPTION:** IBM GSKit uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139073> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1427](<https://vulners.com/cve/CVE-2018-1427>) \n**DESCRIPTION:** IBM GSKit contains several enviornment variables that a local attacker could overflow and cause a denial of service. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139072> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1426](<https://vulners.com/cve/CVE-2018-1426>) \n**DESCRIPTION:** IBM GSKit duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139071> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\n**CVEID:** [CVE-2018-1567](<https://vulners.com/cve/CVE-2018-1567>) \n**DESCRIPTION:** IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/143024> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-1719](<https://vulners.com/cve/CVE-2018-1719>) \n**DESCRIPTION:** IBM WebSphere Application Server could provide weaker than expected security under certain conditions. This could result in a downgrade of TLS protocol. A remote attacker could exploit this vulnerability to perform man-in-the-middle attacks. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147292> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2014-7810](<https://vulners.com/cve/CVE-2014-7810>) \n**DESCRIPTION:** Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of expression language. An attacker could exploit this vulnerability to bypass the protections of a Security Manager. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103155> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2018-1794](<https://vulners.com/cve/CVE-2018-1794>) \n**DESCRIPTION:** IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148949> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-1767](<https://vulners.com/cve/CVE-2018-1767>) \n**DESCRIPTION:** IBM WebSphere Application Server Cachemonitor is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148621> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-1901](<https://vulners.com/cve/CVE-2018-1901>) \n**DESCRIPTION:** IBM WebSphere Application Server could allow a remote attacker to temporarily gain elevated privileges on the system, caused by incorrect cached value being used. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152530> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-1904](<https://vulners.com/cve/CVE-2018-1904>) \n**DESCRIPTION:** IBM WebSphere Application Server could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152533> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-3139](<https://vulners.com/cve/CVE-2018-3139>)\n\n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Networking component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base Score: 3.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151455> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-3136](<https://vulners.com/cve/CVE-2018-3136>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Security component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base Score: 3.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151452> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-13785](<https://vulners.com/cve/CVE-2018-13785>) \n**DESCRIPTION:** libpng is vulnerable to a denial of service, caused by a wrong calculation of row_factor in the png_check_chunk_length function in pngrutil.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146015> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-3214](<https://vulners.com/cve/CVE-2018-3214>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit Sound component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151530> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-3180](<https://vulners.com/cve/CVE-2018-3180>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JSSE component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and low availability impact. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151497> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-3149](<https://vulners.com/cve/CVE-2018-3149>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JNDI component could allow an unauthenticated attacker to take control of the system. \nCVSS Base Score: 8.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151465> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-3169](<https://vulners.com/cve/CVE-2018-3169>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Hotspot component could allow an unauthenticated attacker to take control of the system. \nCVSS Base Score: 8.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151486> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-3183](<https://vulners.com/cve/CVE-2018-3183>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit Scripting component could allow an unauthenticated attacker to take control of the system. \nCVSS Base Score: 9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151500> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-2677](<https://vulners.com/cve/CVE-2018-2677>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded AWT component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137932> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2018-2641](<https://vulners.com/cve/CVE-2018-2641>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded AWT component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137893> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2018-2783](<https://vulners.com/cve/CVE-2018-2783>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit Security component could allow an unauthenticated attacker to cause high confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141939> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\n**CVEID:** [CVE-2018-1656](<https://vulners.com/cve/CVE-2018-1656>) \n**DESCRIPTION:** The IBM Java Runtime Environment''s Diagnostic Tooling Framework for Java (DTFJ) does not protect against path traversal attacks when extracting compressed dump files. \nCVSS Base Score: 7.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/144882> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2018-2973](<https://vulners.com/cve/CVE-2018-2973>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded JSSE component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146835> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2018-1517](<https://vulners.com/cve/CVE-2018-1517>) \n**DESCRIPTION:** A flaw in the java.math component in IBM SDK, Java Technology Edition may allow an attacker to inflict a denial-of-service attack with specially crafted String data. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141681> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-2964](<https://vulners.com/cve/CVE-2018-2964>) \n**DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the Java SE Deployment component could allow an unauthenticated attacker to take control of the system. \nCVSS Base Score: 8.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146827> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-12539](<https://vulners.com/cve/CVE-2018-12539>) \n**DESCRIPTION:** Eclipse OpenJ9 could allow a local attacker to gain elevated privileges on the system, caused by the failure to restrict the use of Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations to only the process owner. An attacker could exploit this vulnerability to execute untrusted native code and gain elevated privileges on the system. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148389> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n## Affected Products and Versions\n\nIBM Security Privileged Identity Manager 2.1.1\n\n## Remediation/Fixes\n\nProduct | VRMF | Remediation/First Fix \n---|---|--- \nIBM Security Privileged Identity Manager | 2.1.1 | [2.1.1-ISS-ISPIM-VA-FP0002](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Privileged+Identity+Manager&release=2.1.1&platform=All&function=fixId&fixids=2.1.1-ISS-ISPIM-VA-FP0002&includeRequisites=1&includeSupersedes=0&downloadMethod=http>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-17T15:34:01", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0114", "CVE-2014-7810", "CVE-2015-0899", "CVE-2015-5180", "CVE-2016-0701", "CVE-2016-0705", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-5725", "CVE-2016-9396", "CVE-2017-1000050", "CVE-2017-1000407", "CVE-2017-11368", "CVE-2017-12132", "CVE-2017-15116", "CVE-2017-15670", "CVE-2017-16939", "CVE-2017-18017", "CVE-2017-3732", "CVE-2017-3736", "CVE-2017-3737", "CVE-2017-3738", "CVE-2017-6462", "CVE-2017-6463", "CVE-2017-6464", "CVE-2017-7562", "CVE-2018-0494", "CVE-2018-1000199", "CVE-2018-1049", "CVE-2018-1060", "CVE-2018-1061", "CVE-2018-1068", "CVE-2018-10844", "CVE-2018-10845", "CVE-2018-10846", "CVE-2018-1087", "CVE-2018-1091", "CVE-2018-1113", "CVE-2018-12539", "CVE-2018-13785", "CVE-2018-1426", "CVE-2018-1427", "CVE-2018-1428", "CVE-2018-1517", "CVE-2018-1567", "CVE-2018-15688", "CVE-2018-1618", "CVE-2018-1622", "CVE-2018-1623", "CVE-2018-1625", "CVE-2018-1626", "CVE-2018-1640", "CVE-2018-1656", "CVE-2018-1680", "CVE-2018-1719", "CVE-2018-1767", "CVE-2018-1794", "CVE-2018-1901", "CVE-2018-1904", "CVE-2018-2641", "CVE-2018-2677", "CVE-2018-2783", "CVE-2018-2964", "CVE-2018-2973", "CVE-2018-3136", "CVE-2018-3139", "CVE-2018-3149", "CVE-2018-3169", "CVE-2018-3180", "CVE-2018-3183", "CVE-2018-3214", "CVE-2018-3639", "CVE-2018-5391", "CVE-2018-5729", "CVE-2018-5730", "CVE-2018-8897"], "modified": "2019-09-17T15:34:01", "id": "3E3AF8AC7BA63076BEE8FFB670B3A3F27E0903C83526E54496E50EB2DF74B875", "href": "https://www.ibm.com/support/pages/node/879093", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T01:42:45", "description": "## Summary\n\nMultiple vulnerabilities found in 3rd party software used by IBM Integration Designer. IBM Integration Designer has addressed the multiple CVEs.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-36181](<https://vulners.com/cve/CVE-2020-36181>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194376](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194376>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-35491](<https://vulners.com/cve/CVE-2020-35491>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193394](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193394>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-16335](<https://vulners.com/cve/CVE-2019-16335>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariDataSource. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167205](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167205>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-36189](<https://vulners.com/cve/CVE-2020-36189>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194384](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194384>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17267](<https://vulners.com/cve/CVE-2019-17267>) \n** DESCRIPTION: **FasterXML jackson-databind could provide weaker than expected security, caused by a polymorphic typing issue in the net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-12384](<https://vulners.com/cve/CVE-2019-12384>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the logback-core class from polymorphic deserialization. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162849](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162849>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-42004](<https://vulners.com/cve/CVE-2022-42004>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the BeanDeserializer._deserializeFromArray function. By sending a specially-crafted request using deeply nested arrays, a local attacker could exploit this vulnerability to exhaust all available resources. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237660](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237660>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-12814](<https://vulners.com/cve/CVE-2019-12814>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue. By sending a specially-crafted JSON message, an attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/162875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/162875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-16942](<https://vulners.com/cve/CVE-2019-16942>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the commons-dbcp class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168254](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168254>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-19362](<https://vulners.com/cve/CVE-2018-19362>) \n** DESCRIPTION: **An unspecified error with failure to block the jboss-common-core class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155093](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155093>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-11112](<https://vulners.com/cve/CVE-2020-11112>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178902](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178902>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9546](<https://vulners.com/cve/CVE-2020-9546>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177102](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177102>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10672](<https://vulners.com/cve/CVE-2020-10672>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-19360](<https://vulners.com/cve/CVE-2018-19360>) \n** DESCRIPTION: **An unspecified error with failure to block the axis2-transport-jms class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-14060](<https://vulners.com/cve/CVE-2020-14060>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183422](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183422>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9547](<https://vulners.com/cve/CVE-2020-9547>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177103](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177103>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14195](<https://vulners.com/cve/CVE-2020-14195>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in rg.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183495](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183495>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-20190](<https://vulners.com/cve/CVE-2021-20190>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to a class(es) of JDK Swing. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195243](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195243>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14062](<https://vulners.com/cve/CVE-2020-14062>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-20330](<https://vulners.com/cve/CVE-2019-20330>) \n** DESCRIPTION: **A lacking of certain net.sf.ehcache blocking in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173897](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173897>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-14893](<https://vulners.com/cve/CVE-2019-14893>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization when using the xalan JNDI gadget. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177108](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177108>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-14719](<https://vulners.com/cve/CVE-2018-14719>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155138](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155138>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36188](<https://vulners.com/cve/CVE-2020-36188>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194383](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194383>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36180](<https://vulners.com/cve/CVE-2020-36180>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194375](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194375>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-17531](<https://vulners.com/cve/CVE-2019-17531>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue when Default Typing is enabled. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-25649](<https://vulners.com/cve/CVE-2020-25649>) \n** DESCRIPTION: **FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. A remote attacker could exploit this vulnerability to launch XML external entity (XXE) attacks to have impact over data integrity. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2018-12022](<https://vulners.com/cve/CVE-2018-12022>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when the Default Typing is enabled. By sending a specially-crafted request in LDAP service, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163227](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163227>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14540](<https://vulners.com/cve/CVE-2019-14540>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue in com.zaxxer.hikari.HikariConfig. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-36184](<https://vulners.com/cve/CVE-2020-36184>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194379](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194379>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36518](<https://vulners.com/cve/CVE-2020-36518>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a Java StackOverflow exception. By using a large depth of nested objects, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222319](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222319>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36183](<https://vulners.com/cve/CVE-2020-36183>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194378](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194378>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36182](<https://vulners.com/cve/CVE-2020-36182>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194377](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194377>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-35728](<https://vulners.com/cve/CVE-2020-35728>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193843](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193843>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14439](<https://vulners.com/cve/CVE-2019-14439>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a polymorphic typing issue when Default Typing is enabled. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/164744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/164744>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-11620](<https://vulners.com/cve/CVE-2020-11620>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.commons.jelly.impl.Embedded (aka commons-jelly). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-35490](<https://vulners.com/cve/CVE-2020-35490>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193391](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193391>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-8840](<https://vulners.com/cve/CVE-2020-8840>) \n** DESCRIPTION: **Multiple Huawei products could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of data without proper validation. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185699](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185699>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-36179](<https://vulners.com/cve/CVE-2020-36179>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194374](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194374>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10968](<https://vulners.com/cve/CVE-2020-10968>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178544](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178544>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-16943](<https://vulners.com/cve/CVE-2019-16943>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a polymorphic typing issue in the p6spy class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168255](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168255>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-36187](<https://vulners.com/cve/CVE-2020-36187>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194382](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194382>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-12023](<https://vulners.com/cve/CVE-2018-12023>) \n** DESCRIPTION: **An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to take control of the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151425](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151425>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10969](<https://vulners.com/cve/CVE-2020-10969>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in javax.swing.JEditorPane. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178546](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178546>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10650](<https://vulners.com/cve/CVE-2020-10650>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the unsafe deserialization of data when handling interactions related to the class ignite-jta. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/234219](<https://exchange.xforce.ibmcloud.com/vulnerabilities/234219>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11619](<https://vulners.com/cve/CVE-2020-11619>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-11307](<https://vulners.com/cve/CVE-2018-11307>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an issue when untrusted content is deserialized with default typing enabled. By sending specially-crafted content over FTP, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163528](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163528>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-11111](<https://vulners.com/cve/CVE-2020-11111>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24750](<https://vulners.com/cve/CVE-2020-24750>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188470](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188470>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-11113](<https://vulners.com/cve/CVE-2020-11113>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178903](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178903>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14892](<https://vulners.com/cve/CVE-2019-14892>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization when using commons-configuration 1 and 2 JNDI classes. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177106](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177106>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-14718](<https://vulners.com/cve/CVE-2018-14718>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the failure to block the slf4j-ext class from polymorphic deserialization. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155139](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155139>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-19361](<https://vulners.com/cve/CVE-2018-19361>) \n** DESCRIPTION: **An unspecified error with failure to block the openjpa class from polymorphic deserialization in FasterXML jackson-databind has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155092>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-24616](<https://vulners.com/cve/CVE-2020-24616>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187229](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187229>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-14379](<https://vulners.com/cve/CVE-2019-14379>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the SubTypeValidator.java. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165286](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165286>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-10673](<https://vulners.com/cve/CVE-2020-10673>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in com.caucho.config.types.ResourceRef (aka caucho-quercus). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178107](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178107>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-10202](<https://vulners.com/cve/CVE-2019-10202>) \n** DESCRIPTION: **Red Hat JBoss Enterprise Application Platform (EAP) could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization in Codehaus. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168251>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-14061](<https://vulners.com/cve/CVE-2020-14061>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183424](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183424>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9548](<https://vulners.com/cve/CVE-2020-9548>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by the mishandling of interaction between serialization gadgets and typing in br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177104](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177104>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-42003](<https://vulners.com/cve/CVE-2022-42003>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive value deserializers when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. By sending a specially-crafted request using deep wrapper array nesting, a local attacker could exploit this vulnerability to exhaust all available resources. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237662](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237662>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-12086](<https://vulners.com/cve/CVE-2019-12086>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by a Polymorphic Typing issue that occurs due to missing com.mysql.cj.jdbc.admin.MiniAdmin validation. By sending a specially-crafted JSON message, a remote attacker could exploit this vulnerability to read arbitrary local files on the server. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161256](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161256>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-14720](<https://vulners.com/cve/CVE-2018-14720>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data by JDK classes. By sending a specially-crafted XML data. A remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155137](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-36185](<https://vulners.com/cve/CVE-2020-36185>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194380](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194380>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-14721](<https://vulners.com/cve/CVE-2018-14721>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to server-side request forgery, caused by the failure to block the axis2-jaxws class from polymorphic deserialization. A remote authenticated attacker could exploit this vulnerability to obtain sensitive data. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155136>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-36186](<https://vulners.com/cve/CVE-2020-36186>) \n** DESCRIPTION: **FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194381](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194381>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2009-1190](<https://vulners.com/cve/CVE-2009-1190>) \n** DESCRIPTION: **Spring Framework is vulnerable to a denial of service, caused by the improper handling of serialized data. A remote attacker could exploit this vulnerability using regular expression strings containing an overly large amount of optional groups to consume all available CPU resources, resulting in a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/50083](<https://exchange.xforce.ibmcloud.com/vulnerabilities/50083>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2021-22096](<https://vulners.com/cve/CVE-2021-22096>) \n** DESCRIPTION: **VMware Spring Framework could allow a remote attacker to bypass security restrictions. By sending a specially-crafted input, an attacker could exploit this vulnerability to cause the insertion of additional log entries. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212430](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212430>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-42920](<https://vulners.com/cve/CVE-2022-42920>) \n** DESCRIPTION: **Apache Commons BCEL could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds write flaw in the APIs. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain control over the resulting bytecode than otherwise expected. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/239562](<https://exchange.xforce.ibmcloud.com/vulnerabilities/239562>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-38751](<https://vulners.com/cve/CVE-2022-38751>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235311](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235311>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-38749](<https://vulners.com/cve/CVE-2022-38749>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235313](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235313>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-25857](<https://vulners.com/cve/CVE-2022-25857>) \n** DESCRIPTION: **Java package org.yaml:snakeyam is vulnerable to a denial of service, caused by missing to nested depth limitation for collections. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/234864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/234864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-18640](<https://vulners.com/cve/CVE-2017-18640>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by an entity expansion in Alias feature during a load operation. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174331](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174331>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-38750](<https://vulners.com/cve/CVE-2022-38750>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235312](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235312>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-38752](<https://vulners.com/cve/CVE-2022-38752>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235310](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235310>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2013-2186](<https://vulners.com/cve/CVE-2013-2186>) \n** DESCRIPTION: **Apache commons-fileupload could allow a remote attacker to overwrite arbitrary files on the system, caused by a NULL byte in the implementation of the DiskFileItem class. By sending a serialized instance of the DiskFileItem class, an attacker could exploit this vulnerability to write or overwrite arbitrary files on the system. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/88133](<https://exchange.xforce.ibmcloud.com/vulnerabilities/88133>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:P) \n \n** CVEID: **[CVE-2013-0248](<https://vulners.com/cve/CVE-2013-0248>) \n** DESCRIPTION: **Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/82618](<https://exchange.xforce.ibmcloud.com/vulnerabilities/82618>) for the current score. \nCVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P) \n \n** CVEID: **[CVE-2016-3092](<https://vulners.com/cve/CVE-2016-3092>) \n** DESCRIPTION: **Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114336](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114336>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2014-0050](<https://vulners.com/cve/CVE-2014-0050>) \n** DESCRIPTION: **Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/90987](<https://exchange.xforce.ibmcloud.com/vulnerabilities/90987>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2022-41854](<https://vulners.com/cve/CVE-2022-41854>) \n** DESCRIPTION: **snakeYAML is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially-crafted YAML content, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/240890](<https://exchange.xforce.ibmcloud.com/vulnerabilities/240890>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29425](<https://vulners.com/cve/CVE-2021-29425>) \n** DESCRIPTION: **Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199852](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199852>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-1181](<https://vulners.com/cve/CVE-2016-1181>) \n** DESCRIPTION: **Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against unintended remote operations against components on server memory by the ActionForm instance. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/113852](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113852>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) \n** DESCRIPTION: **Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/101770](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2016-1182](<https://vulners.com/cve/CVE-2016-1182>) \n** DESCRIPTION: **Apache Struts could allow a remote attacker to bypass security restrictions, caused by the failure to properly properly restrict the Validator configuration bin ActionServlet.java. An attacker could exploit this vulnerability to modify validation rules and error messages. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/113853](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113853>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2008-2025](<https://vulners.com/cve/CVE-2008-2025>) \n** DESCRIPTION: **Apache Struts is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/49712](<https://exchange.xforce.ibmcloud.com/vulnerabilities/49712>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2006-1546](<https://vulners.com/cve/CVE-2006-1546>) \n** DESCRIPTION: **Struts could allow a remote attacker to bypass security restrictions. If an attacker sends a request with a \"org.apache.struts.taglib.html.Constants.CANCEL\" parameter, the attacker could cause validation to be canceled without being detected by Struts applications that do not check for isCancelled(). This could allow the attacker to bypass security restrictions and gain unauthorized access to restricted content. \nCVSS Base score: 7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/25612](<https://exchange.xforce.ibmcloud.com/vulnerabilities/25612>) for the current score. \nCVSS Vector: \n \n** CVEID: **[CVE-2014-0114](<https://vulners.com/cve/CVE-2014-0114>) \n** DESCRIPTION: **Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/92889](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92889>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2006-1548](<https://vulners.com/cve/CVE-2006-1548>) \n** DESCRIPTION: **Struts is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the LookupDispatchAction when no matching entry is in the lookupMap module. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site, allowing the attacker to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 2.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/25614](<https://exchange.xforce.ibmcloud.com/vulnerabilities/25614>) for the current score. \nCVSS Vector: \n \n** CVEID: **[CVE-2006-1547](<https://vulners.com/cve/CVE-2006-1547>) \n** DESCRIPTION: **Struts is vulnerable to a denial of service caused by improper handling of multipart/form-data encoded forms with a parameter that references the getMultipartRequestHandler() method. An attacker could exploit this vulnerability to cause the affected Web application to crash or possibly gain access to sensitive information. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/25613](<https://exchange.xforce.ibmcloud.com/vulnerabilities/25613>) for the current score. \nCVSS Vector: \n \n** CVEID: **[CVE-2005-3745](<https://vulners.com/cve/CVE-2005-3745>) \n** DESCRIPTION: **Struts is vulnerable to cross-site scripting, caused by improper validation of error output by the Struts request handler. A remote attacker could embed malicious script within a request for an invalid Struts action URL, which would be executed in the victim's Web browser within the security context of the hosting site, once the link is clicked and an error page is returned. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials and possibly launch further attacks against the affected server. \nCVSS Base score: 2.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/23173](<https://exchange.xforce.ibmcloud.com/vulnerabilities/23173>) for the current score. \nCVSS Vector: \n \n** CVEID: **[CVE-2022-1471](<https://vulners.com/cve/CVE-2022-1471>) \n** DESCRIPTION: **SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Constructor class. By using a specially-crafted yaml content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/241118](<https://exchange.xforce.ibmcloud.com/vulnerabilities/241118>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L) \n \n** CVEID: **[CVE-2019-10086](<https://vulners.com/cve/CVE-2019-10086>) \n** DESCRIPTION: **Apache Commons Beanutils could allow a remote attacker to gain unauthorized access to the system, caused by the failure to suppresses the class property in bean introspection by default. An attacker could exploit this vulnerability to gain unauthorized access to the classloader. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166353](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166353>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** IBM X-Force ID: **217968 \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by an error when using JDK serialization to serialize and deserialize JsonNode values. By sending a specially crafted request, an attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/217968 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217968>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** IBM X-Force ID: **220723 \n** DESCRIPTION: **Apache Commons Fileupload could allow a remote attacker to obtain sensitive information, caused by a resource leak flaw in the FileUploadBase class. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/220723 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220723>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Integration Designer| 22.0.2 \nIBM Integration Designer| 22.0.1 \nIBM Integration Designer| 21.0.3 \nIBM Integration Designer| 20.0.0.2 \n \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading\n\n[IBM Integration Designer 22.0.2](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FIBM+Integration+Designer&fixids=22.0.2-WS-IID-IFDT180034&source=SAR> \"IBM Integration Designer 22.0.2\" )\n\n[IBM Integration Designer 22.0.1](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FIBM+Integration+Designer&fixids=22.0.1-WS-IID-IFDT180034&source=SAR> \"IBM Integration Designer 22.0.1\" )\n\n[IBM Integration Designer 21.0.3](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FIBM+Integration+Designer&fixids=21.0.3-WS-IID-IFDT180034&source=SAR> \"IBM Integration Designer 21.0.3\" )\n\n[IBM Integration Designer 20.0.0.2](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FWebSphere%2FIBM+Integration+Designer&fixids=20.0.0.2-WS-IID-IFDT180034&source=SAR> \"IBM Integration Designer 20.0.0.2\" )\n\n## Workarounds and Mitigations\n\nNone \n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-02-01T19:40:57", "type": "ibm", "title": "Security Bulletin: Multiple CVEs affect IBM Integration Designer", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 8.5, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-3745", "CVE-2006-1546", "CVE-2006-1547", "CVE-2006-1548", "CVE-2008-2025", "CVE-2009-1190", "CVE-2013-0248", "CVE-2013-2186", "CVE-2014-0050", "CVE-2014-0114", "CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-3092", "CVE-2017-18640", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-10086", "CVE-2019-10202", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12814", "CVE-2019-14379", "CVE-2019-14439", "CVE-2019-14540", "CVE-2019-14892", "CVE-2019-14893", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17267", "CVE-2019-17531", "CVE-2019-20330", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-25649", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-35728", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2020-36518", "CVE-2020-8840", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548", "CVE-2021-20190", "CVE-2021-22096", "CVE-2021-29425", "CVE-2022-1471", "CVE-2022-25857", "CVE-2022-38749", "CVE-2022-38750", "CVE-2022-38751", "CVE-2022-38752", "CVE-2022-41854", "CVE-2022-42003", "CVE-2022-42004", "CVE-2022-42920"], "modified": "2023-02-01T19:40:57", "id": "35774A12657731256610BEB1ACB2AE99C105060354AA560F82DED28AE65A8B24", "href": "https://www.ibm.com/support/pages/node/6910171", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2022-07-27T22:03:06", "description": "## Question\n\nIs there a list that contains the security bulletins that apply to WebSphere Application Server and IBM HTTP Server?\n\n## Answer\n\nThe following table is provided to help you locate WebSphere Application Server and IBM HTTP Server security bulletins. These are listed numerically by CVE number not by the last one published.\n\nNote the IBM Java runtime included with WebSphere Application Server provides an execution environment for non-IBM code. While the below table includes all IBM Java vulnerabilities related to the WebSphere Application Server product, there might be additional IBM Java vulnerabilities which impact non-IBM code running in your WebSphere Application Server environment. For a listing of all IBM Java security bulletins, refer to [_IBM Java Security Alerts_](<https://www.ibm.com/developerworks/java/jdk/alerts/>). To determine the Java SDK version used with WebSphere Application Server, refer to the [_Verify Java SDK version shipped with WebSphere Application Server_](<http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg27005002>).\n\nTo avoid preventable security issues, it is recommended that you stay up-to-date on the most current maintenance options for your products. You can also subscribe to the security bulletins for each of your products as provided in this link, [_IBM Security Bulletins_](<http://www.ibm.com/security/secure-engineering/bulletins.html>).\n\nWhen significant updates have been made to security bulletins, it will be noted with the date of the last update in the bulletin columns.\n\nNote: Starting 07/16/2020, the most recent fix published will be added to the top of this list below as well as in numerical order by year.\n\n**Recent CVEs (previous 15 published from most recent to least recent)**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2022-22477 | 6.1 | [Cross-site Scripting](<https://www.ibm.com/support/pages/node/6603417>) | Not affected | 9.0,8.5 \n| CVE-2022-22473 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6603421>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2019-11777 | 7.5 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6602039>) | Not affected | Liberty \n| CVE-2022-22476 | 5.0 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6602015>) | Not affected | Liberty \n| CVE-2022-26377 | 7.3 | Not affected | [HTTP Request Smuggling](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28614 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28615 | 6.5 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-29404 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-30556 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-31813 | 5.3 | Not affected | [Bypass Security](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-21496 | 5.3 | [IBM Java SDK for April 2022](<https://www.ibm.com/support/pages/node/6594523>) | Not affected | 9.0,8.5,Liberty \n| CVE-2022-21299 | 5.3 | [IBM Java SDK for April 2022](<https://www.ibm.com/support/pages/node/6594523>) | Not affected | 9.0,8.5,Liberty \n| CVE-2022-22365 | 5.6 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6587947>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2022-22475 | 7.1 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6586734>) | Not affected | Liberty \n \n**2022 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2022-31813 | 5.3 | Not affected | [Bypass Security](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-30556 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-29404 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28615 | 6.5 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-28614 | 5.3 | Not affected | [Information Disclosure](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-26377 | 7.3 | Not affected | [HTTP Request Smuggling](<https://www.ibm.com/support/pages/node/6595149>) | 7.0,8.0,8.5,9.0 \n| CVE-2022-25315 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-25313 | 5.5 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-25236 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-25235 | 3.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6560814>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-23990 | 9.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-23852 | 9.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-23307 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6557248>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2022-23305 | 6.5 | [SQL Injection](<https://www.ibm.com/support/pages/node/6557248>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2022-23302 | 8.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6557248>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2022-22827 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22826 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22825 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22824 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22823 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22822 | 7.8 | Not affected | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6559296>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22721 | 7.3 | Not affected | [Buffer Overflow](<https://www.ibm.com/support/pages/node/6565413>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22720 | 7.3 | Not affected | [HTTP Request Smuggling](<https://www.ibm.com/support/pages/node/6565413>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22719 | 5.3 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6565413>) | 9.0,8.5,8.0,7.0 \n| CVE-2022-22477 | 6.1 | [Cross-site Scripting](<https://www.ibm.com/support/pages/node/6603417>) | Not affected | 9.0,8.5 \n| CVE-2022-22476 | 5.0 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6602015>) | Not affected | Liberty \n| CVE-2022-22475 | 7.1 | [Identity Spoofing](<https://www.ibm.com/support/pages/node/6586734>) | Not affected | Liberty \n| CVE-2022-22473 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6603421>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2022-22393 | 3.1 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6585704>) | Not affected | Liberty \n| CVE-2022-22365 | 5.6 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6587947>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2022-22310 | 4.8 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6541530>) | Not affected | Liberty \n| CVE-2022-21496 | 5.3 | [IBM Java SDK for April 2022 CPU](<https://www.ibm.com/support/pages/node/6594523>) | | 9.0,8.5,Liberty \n| CVE-2022-21340 | 5.3 | [IBM Java SDK for January 2022 CPU](<https://www.ibm.com/support/pages/node/6559306>) | Not affected | 9.0,8.5,Liberty \n| CVE-2022-21229 | 5.3 | [IBM Java SDK for April 2022 CPU](<https://www.ibm.com/support/pages/node/6594523>) | | 9.0,8.5,Liberty \n \n**2021 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2021-46708 | 4.3 | [Clickjacking vulnerability](<https://www.ibm.com/support/pages/node/6569505>) | Not affected | Liberty \n| CVE-2021-46143 | 7.8 | Not affected | [Remote Code Execution](<https://Denial of Service>) | 7.0,8.0,8.5,9.0 \n| CVE-2021-45960 | 5.5 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6559296>) | 7.0,8.0,8.5,9.0 \n| CVE-2021-45105 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6538148>) | Not affected | 9.0, 8.5 \n| CVE-2021-45046 | 9.0 | [Denial of Service](<https://www.ibm.com/support/pages/node/6526750>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-44832 | 6.6 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6538148>) | Not affected | 9.0, 8.5 \n| CVE-2021-44790 | 9.8 | Not affected | [Buffer overflow](<https://www.ibm.com/support/pages/node/6540288>) | 9.0 \nLog4Shell | CVE-2021-44228 | 10 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6525706>) | Not affected | 9.0, 8.5 \n| CVE-2021-44224 | 8.2 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6540288>) | 9.0 \n| CVE-2021-40438 | 9.0 | Not affected | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6493841>) | 9.0 \n| CVE-2021-39275 | 3.7 | Not affected | [Buffer overflow](<https://www.ibm.com/support/pages/node/6493845>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-39038 | 4.4 | [Clickjacking vulnerability](<https://www.ibm.com/support/pages/node/6559044>) | Not affected | 9.0, Liberty \n| CVE-2021-39031 | 7.5 | [LDAP Injection](<https://www.ibm.com/support/pages/node/6550488>) | Not affected | Liberty \n| CVE-2021-38951 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6524674>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-36090 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6489683>) | Not affected | Liberty \n| CVE-2021-35603 | 3.7 | [IBM Java SDK for January 2022 CPU](<https://www.ibm.com/support/pages/node/6559306>) | Not affected | 9.0,8.5,Liberty \n| CVE-2021-35578 | 5.3 | [IBM Java SDK for October 2021 CPU](<https://www.ibm.com/support/pages/node/6520468>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2021-35564 | 5.3 | [IBM Java SDK for October 2021 CPU](<https://www.ibm.com/support/pages/node/6520468>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2021-35550 | 5.9 | [IBM Java SDK for January 2022 CPU](<https://www.ibm.com/support/pages/node/6559306>) | Not affected | 9.0,8.5,Liberty \n| CVE-2021-35517 | 5.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/6489683>) | Not affected | Liberty \n| CVE-2021-34798 | 5.9 | Not affected | [Denial of service](<https://www.ibm.com/support/pages/node/6493841>) | 9.0 \n| CVE-2021-30641 | 5.3 | Not affected | [Weaker Security](<https://www.ibm.com/support/pages/node/6464029>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-29842 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6489485>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-29754 | 4.2 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6462627>) | Not affected | 9.0, 8.5, 8.0. 7.0 \n| CVE-2021-29736 | 5.0 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6476678>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-26691 | 5.9 | Not affected | [Heap Buffer Overflow](<https://www.ibm.com/support/pages/node/6467651>) | 9.0 \n| CVE-2021-26690 | 3.7 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6467651>) | 9.0 \n| CVE-2021-26296 | 8.8 | [Cross-site request forgery](<https://www.ibm.com/support/pages/node/6441433>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2021-23450 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6558594>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-20517 | 6.4 | [Directory Traversal](<https://www.ibm.com/support/pages/node/6456955>) | Not affected | 9.0, 8.5 \n| CVE-2021-20492 | 6.5 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6456017>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2021-20480 | 4.3 | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6441063>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2021-20454 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6445481>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-20453 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6445171>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2021-20354 | 5.9 | [Directory traversal](<https://www.ibm.com/support/pages/node/6415959>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2021-20353 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6413709>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2021-4104 | 8.1 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6526750>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2021-2369 | 4.3 | [IBM Java SDK for July 2021 CPU](<https://www.ibm.com/support/pages/node/6481135>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2021-2161 | 5.9 | [IBM Java SDK for April 2021 CPU](<https://www.ibm.com/support/pages/node/6454853>) | Not affected | 9.0, 8.5, Liberty \n \n**2020 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2020-27221 | 9.8 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14797 | 3.7 | [IBM Java SDK for October 2020 CPU](<https://www.ibm.com/support/pages/node/6379260>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14782 | 3.7 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14781 | 3.7 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14621 | 5.3 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14581 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14579 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14578 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-14577 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-13938 | 6.2 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6464029>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-11985 | 5.3 | Not affected | [Spoofing Vulnerability](<https://www.ibm.com/support/pages/node/6324789>) | 9.0 \n| CVE-2020-10693 | 5.3 | [Bypass security](<https://www.ibm.com/support/pages/node/6348216>) | Not affected | Liberty \n| CVE-2020-5258 | 7.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6443101>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2020-5016 | 5.3 | [Directory traversal](<https://www.ibm.com/support/pages/node/6427873>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4949 | 8.2 | [XXE vulnerability](<https://www.ibm.com/support/pages/node/6408244>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4782 | 6.5 | [Directory Traversal](<https://www.ibm.com/support/pages/node/6356083>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4643 | 7.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6334311>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4629 | 2.9 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6339255>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4590 | 5.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/6333623>) | Not affected | Liberty \n| CVE-2020-4589 | 8.1 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6258333>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4578 | 5.4 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6328895>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4576 | 5.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6339807>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2020-4575 | 4.7 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6323293>) | Not affected | 9.0, 8.5, 8.0VE, 7.0VE \n| CVE-2020-4534 | 7.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6255074>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4464 | 8.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6250059>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4450 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6220294>) | Not affected | 9.0,8.5 \n| CVE-2020-4449 | 7.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6220296>) | Not affected | 9.0, 8.5, 8.0,7.0 \n| CVE-2020-4448 | 9.8 | [Remote Code Execution](<https://www.ibm.com/support/pages/node/6220336>) | Not affected | 9.0, 8.5, 8.0VE, 7.0VE \n| CVE-2020-4421 | 5.0 | [Identity spoofing](<https://www.ibm.com/support/pages/node/6205926>) | Not affected | Liberty \n| CVE-2020-4365 | 5.3 | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6209099>) | Not affected | 8.5 \n| CVE-2020-4362 | 7.5 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6174417>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4329 | 4.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6201862>) | Not affected | 9.0,8.5,8.0,7.0,Liberty \n| CVE-2020-4304 | 6.1 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6147195>) | Not affected | Liberty \n| CVE-2020-4303 | 6.1 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/6147195>) | Not affected | Liberty \n| CVE-2020-4276 | 7.5 | [Privilege Escalation](<https://www.ibm.com/support/pages/node/6118222>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-4163 | 6.6 | [Command Execution](<https://www.ibm.com/support/pages/node/1288786>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2020-2800 | 4.8 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2781 | 5.3 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2773 | 3.7 | [IBM Java SDK for January 2021 CPU](<https://www.ibm.com/support/pages/node/6415639>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2755 | 3.7 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2754 | 3.7 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2654 | 3.7 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2601 | 6.8 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2593 | 4.8 | [IBM Java SDK for January 2020 CPU](<https://www.ibm.com/support/pages/node/1289194>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-2590 | 3.7 | [IBM Java SDK for July 2020 CPU](<https://www.ibm.com/support/pages/node/6256732>) | Not affected | 9.0,8.5,Liberty \n| CVE-2020-1934 | 8.1 | Not affected | [Denial of Service](<https://www.ibm.com/support/pages/node/6191631>) | 9.0,8.5,8.0,7.0 \n| CVE-2020-1927 | 7.4 | Not affected | [Phishing attack](<https://www.ibm.com/support/pages/node/6191631>) | 9.0,8.5,8.0,7.0 \n \n**2019 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2019-17573 | 6.1 | [Cross-site Scripting](<https://www.ibm.com/support/pages/node/6100132>) | Not affected | Liberty \n| CVE-2019-17566 | 7.5 | [Server-side request forgery](<https://www.ibm.com/support/pages/node/6322683>) | Not affected | 9.0,8.5,8.0 \n| CVE-2019-17495 | 5.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/1274596>) | Not affected | Liberty \n| CVE-2019-12402 | 4.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/1074156>) | Not affected | Liberty \n| CVE-2019-12406 | 5.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/1288774>) | Not affected | 9.0,Liberty \n| CVE-2019-11777 | 7.5 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6602039>) | Not affected | Liberty \n| CVE-2019-10098 | 3.7 | Not affected | [Phishing attack](<https://www.ibm.com/support/pages/node/964768>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-10092 | 4.7 | Not affected | [Cross-site scripting](<https://www.ibm.com/support/pages/node/964768>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-10086 | 5.3 | [Unauthorized Access](<https://www.ibm.com/support/pages/node/1115085>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-9518 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9517 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9515 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9514 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9513 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-9512 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1072860>) | Not affected | Liberty \n| CVE-2019-4732 | 7.2 | [IBM Java SDK for January 2020 CPU](<https://www.ibm.com/support/pages/node/1289194>) | Not affected | 9.0,8.5,Liberty \n| CVE-2019-4720 | 7.5 | [Denial of Service](<https://www.ibm.com/support/pages/node/1285372>) | Not affected | 9.0, 8.5, 8.0, 7.0 Liberty \n| CVE-2019-4670 | 6.5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/1289152>) | Not affected | 9.0,8.5,8.0,7.0 \n| CVE-2019-4663 | 5.4 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/1127367>) | Not affected | Liberty \n| CVE-2019-4505 | 3.7 | [Information Disclosure](<https://www.ibm.com/support/pages/node/964766>) | Not affected | 9.0, 8.5, 7.0Virtual Enterprise \n| CVE-2019-4477 | 5.3 | [Information Disclosure](<https://www.ibm.com/support/pages/node/960290>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4442 | 4.3 | [Path Traversal](<https://www.ibm.com/support/pages/node/959021>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4441 | 5.3 | [Information disclosure](<https://www.ibm.com/support/pages/node/959023>) | Not affected | 9.0, 8.5, 8.0, 7.0 Liberty \n| CVE-2019-4305 | 5.3 | [Information disclosure](<https://www.ibm.com/support/pages/node/960171>) | Not affected | Liberty \n| CVE-2019-4304 | 6.3 | [Bypass security](<https://www.ibm.com/support/pages/node/960171>) | Not affected | Liberty \n| CVE-2019-4285 | 5.4 | [Clickjacking vulnerability](<https://www-01.ibm.com/support/docview.wss?uid=ibm10884064>) | Not affected | Liberty \n| CVE-2019-4279 | 9.0 | [Remote Code Execution](<https://www-01.ibm.com/support/docview.wss?uid=ibm10883628>) | Not affected | 9.0, 8.5, 7.0Virtual Enterprise \n| CVE-2019-4271 | 3.5 | [HTTP Parameter Pollution](<https://www.ibm.com/support/pages/node/884040>) | Not affected | 9.0, 8.5, 7.0Virtual Enterprise \n| CVE-2019-4270 | 5.4 | [Cross-site scripting](<https://www.ibm.com/support/pages/node/884036>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4269 | 5.3 | [Information Disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10884032>) | Not affected | 9.0 \n| CVE-2019-4268 | 5.3 | [Path Traversal](<https://www.ibm.com/support/pages/node/884030>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4080 | 6.5 | [Denial of Service](<https://www-01.ibm.com/support/docview.wss?uid=ibm10875692>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-4046 | 5.9 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=ibm10869570>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2019-4030 | 5.4 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=ibm10869406>) | Not affected | 9.0, 8.5, 8.0VE, 7.0VE \n| CVE-2019-2989 | 6.8 | [IBM Java SDK for October 2019 CPU](<https://www.ibm.com/support/pages/node/1126887>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2019-2949 | 6.8 | [IBM Java SDK for April 2020 CPU](<https://www.ibm.com/support/pages/node/6206850>) | Not affected | 9.0,8.5,Liberty \n| CVE-2019-2426 | 3.7 | [IBM Java SDK for January 2019 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10873042>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2019-0220 | 5.3 | Not affected | [Weaker Security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10880413>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2019-0211 | 8.2 | Not affected | [Privilege Escalation](<https://www-01.ibm.com/support/docview.wss?uid=ibm10880413>) | 9.0 \n \n**2018 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| N/A | 8.1 | [Remote code execution in JSF](<http://www-01.ibm.com/support/docview.wss?uid=ibm10716525>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2018-25031 | 5.4 | [Spoofing vulnerability](<https://www.ibm.com/support/pages/node/6569505>) | Not affected | Liberty \n| CVE-2018-20843 | 3.3 | Not affected | [Denial of service](<https://www.ibm.com/support/pages/node/964768>) | 9.0, 8.5, 8.0, 9.0 \n| CVE-2018-17199 | 5.3 | Not affected | [Bypass security ](<http://www-01.ibm.com/support/docview.wss?uid=ibm10869064>) | 9.0 \n| CVE-2018-12547 | 9.8 | [IBM Java SDK for January 2019 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10873042>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2018-12539 | 8.4 | [IBM Java SDK for July 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729349>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-10237 | 7.5 | \n\n[Denial of service](<https://www-01.ibm.com/support/docview.wss?uid=ibm10795696>)\n\n| Not affected | 9.0, 8.5, Liberty \n| CVE-2018-8039 | 7.5 | [Man-in-the-Middle](<https://www-01.ibm.com/support/docview.wss?uid=ibm10720065>) | Not affected | 9.0 Liberty \n| CVE-2018-3180 | 5.6 | [IBM Java SDK for October 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729607>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-3139 | 3.1 | [IBM Java SDK for October 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729607>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2800 | 4.2 | [IBM Java SDK for April 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22016282>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2783 | 7.4 | [IBM Java SDK for April 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22016282>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2637 | 7.4 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2634 | 6.8 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2633 | 8.3 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2603 | 5.3 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2602 | 4.5 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-2579 | 3.7 | [IBM Java SDK for January 2018 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22013818>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1996 | 5.3 | [Weaker Security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10793421>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1957 | 4.0 | [Information Disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10744247>) | Not affected | 9.0 \n| CVE-2018-1926 | 4.3 | [Cross-site Request Forgery](<http://www-01.ibm.com/support/docview.wss?uid=ibm10742301>) | Not affected | 9.0, 8.5 \n| CVE-2018-1905 | 7.1 | [XXE vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=ibm10738721>) | Not affected | 9.0 \n| CVE-2018-1904 | 8.1 | [Remote Code execution](<http://www-01.ibm.com/support/docview.wss?uid=ibm10738735>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1902 | 3.1 | [Spoofing Vulnerability](<https://www-01.ibm.com/support/docview.wss?uid=ibm10795115>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1901 | 5.0 | [Privilege Escalation](<http://www-01.ibm.com/support/docview.wss?uid=ibm10738727>) | Not affected | 9.0, 8.5, Liberty \n| CVE-2018-1890 | 5.6 | [IBM Java SDK for January 2019 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10873042>) | Not affected | 9.0, 8.5, Library \n| CVE-2018-1851 | 7.3 | [Code execution](<https://www-01.ibm.com/support/docview.wss?uid=ibm10735105>) | Not affected | Liberty \n| CVE-2018-1840 | 6.0 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=ibm10735767>) | Not affected | \n\n9.0, 8.5 \n \n| CVE-2018-1798 | 6.1 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=ibm10730703>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1797 | 6.3 | [Directory traversal](<http://www-01.ibm.com/support/docview.wss?uid=ibm10730699>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1794 | 6.1 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729571>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1793 | 6.1 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729563>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1777 | 5.4 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10730631>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1770 | 6.5 | [Directory traversal](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729521>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1767 | 6.1 | [Cross-site scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729547>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1755 | 5.9 | [Information Disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10728689>) | Not affected | Liberty \n| CVE-2018-1719 | 5.9 | [Weaker security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10718837>) | Not affected | 9.0, 8.5 \n| CVE-2018-1695 | 7.3 | [Spoofing vulnerability](<https://www-01.ibm.com/support/docview.wss?uid=ibm10716523>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2018-1683 | 5.9 | [Information disclosure](<https://www-01.ibm.com/support/docview.wss?uid=ibm10716533>) | Not affected | Liberty \n| CVE-2018-1656 | 7.4 | [IBM Java SDK for July 2018 CPU](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729349>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2018-1643 | 6.1 | [Cross-site Scripting](<https://www-01.ibm.com/support/docview.wss?uid=ibm10716857>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2018-1626 | 4.3 | [Cross-site Request Forgery](<http://www-01.ibm.com/support/docview.wss?uid=ibm10742301>) | Not affected | 9.0, 8.5 \n| CVE-2018-1621 | 4.4 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22016821>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1614 | 5.8 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1567 | 9.8 | [Code execution](<https://www-01.ibm.com/support/docview.wss?uid=swg22016254>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1553 | 5.3 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22016218>) | Not affected | Liberty \n| CVE-2018-1447 | 5.1 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1427 | 6.2 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2018-1426 | 7.4 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \nROBOT | CVE-2018-1388 | 9.1 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22014196>) | 7.0 \n| CVE-2018-1301 | 5.3 | Not affected | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg22015344>) | 9.0, 8.5, 8.0, 7.0 \n \n**2017 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2017-15715 | 3.7 | Not affected | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg22015344>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-15710 | 5.3 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22015344>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-12624 | 5.3 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22013597>) | Not affected | 9.0, Liberty \n| CVE-2017-12618 | 5.5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22009782>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-12613 | 9.1 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22013598>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-10388 | 7.5 | [IBM Java SDK for October 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22010560>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10356 | 6.2 | [IBM Java SDK for October 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22010560>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10116 | 8.3 | [IBM Java SDK for July 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22007002>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10115 | 7.5 | [IBM Java SDK for July 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22007002>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-10102 | 9.0 | [IBM Java SDK for July 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22007002>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-9798 | 7.5 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22009782>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-7679 | 5.3 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22005280>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-7668 | 5.3 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg22005280>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-5638 | 7.3 | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg22000122>) | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg22000122>) | \n| CVE-2017-3736 | 5.9 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-3732 | 5.3 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-3511 | 7.7 | [IBM Java SDK for April 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg22003016>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-3167 | 5.3 | Not affected | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg22005280>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1788 | 5.3 | [Spoofing](<http://www-01.ibm.com/support/docview.wss?uid=swg22012341>) | Not affected | 9.0, Liberty \n| CVE-2017-1743 | 4.3 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22013601>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1741 | 4.3 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22012342>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1731 | 8.8 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg22012345>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1681 | 4.0 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22010419>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-1583 | 5.3 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22008707>) | Not affected | 8.5, 8.0, Liberty \n| CVE-2017-1504 | 5.3 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg22006803>) | Not affected | 9.0 \n| CVE-2017-1503 | 6.1 | [HTTP response splitting](<http://www-01.ibm.com/support/docview.wss?uid=swg22006815>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1501 | 5.9 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg22006810>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2017-1382 | 5.1 | [Insecure file permissions](<http://www-01.ibm.com/support/docview.wss?uid=swg22004785>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1381 | 2.9 | [Information disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg22004792>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1380 | 5.4 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg22004786>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2017-1194 | 4.3 | [Cross-site request forgery](<http://www-01.ibm.com/support/docview.wss?uid=swg22001226>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2017-1151 | 8.1 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21999293>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2017-1137 | 5.9 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21998469>) | Not affected | 8.5, 8.0 \n| CVE-2017-1121 | 5.4 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21997743>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n \n**2016 CVEs**\n\n**Name **\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2016-1000031 | 9.8 | [Execute Code](<http://www-01.ibm.com/support/docview.wss?uid=swg22011428>) | Not affected | 9.0, 8.5, 8.0, Liberty \n| CVE-2016-9736 | 3.7 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg21991469>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2016-8934 | 5.4 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21992315>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-8919 | 5.9 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21993797>) | Not affected | 9.0,8.5, 8.0, 7.0 \n| CVE-2016-8743 | 6.1 | Not affected | [Response splitting attack](<http://www-01.ibm.com/support/docview.wss?uid=swg21996847>) | 9.0,8.5, 8.0, 7.0 \n| CVE-2016-7056 | 4.0 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-5986 | 3.7 | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg21990056>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5983 | 7.5 | [Gain Privileges](<http://www-01.ibm.com/support/docview.wss?uid=swg21990060>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5597 | 5.9 | [IBM Java SDK for October 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21993440>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5573 | 8.3 | [IBM Java SDK for October 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21993440>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5549 | 6.5 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5548 | 6.5 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5547 | 5.3 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-5546 | 7.5 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \nHTTPOXY | CVE-2016-5387 | 8.1 | Not affected | [Redirect HTTP traffic](<http://www-01.ibm.com/support/docview.wss?uid=swg21988019>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-4975 | 6.1 | Not affected | Superseded by CVE-2016-8743 | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-4472 | 5.3 | Not affected | [Denial of Service with Expat](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-3485 | 2.9 | [IBM Java SDK for July 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21988339>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3427 | 10 | [IBM Java SDK for April 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21982223>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3426 | 4.3 | [IBM Java SDK for April 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21982223>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3092 | 5.3 | [Apache Commons FileUpload Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21987864>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-3042 | 5.4 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21986716>) | Not affected | Liberty \n| CVE-2016-3040 | 6.3 | [Open Redirect Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21986715>) | Not affected | Liberty \n| CVE-2016-2960 | 3.7 | [Denial of Service with SIP Services](<http://www-01.ibm.com/support/docview.wss?uid=swg21984796>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-2945 | 5.0 | [Weaker security in Liberty API discovery feature](<http://www-01.ibm.com/support/docview.wss?uid=swg21984502>) | Not affected | Liberty \n| CVE-2016-2923 | 5.3 | [Information Disclosure vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21983700>) | Not affected | Liberty \nSWEET32 | CVE-2016-2183 | 3.7 | [IBM Java SDK for January 2017 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21998379>) | [IBM HTTP Server and Sweet32](<http://www-01.ibm.com/support/docview.wss?uid=swg21991548>) (21 Dec 2017) | 9.0 8.5, 8.0, 7.0, Liberty \n| CVE-2016-1182 \n \nCVE-2016-1182 | 4.8 \n \n4.8 | [Bypass Security Restrictions](<http://www-01.ibm.com/support/docview.wss?uid=swg21985995>) \n[Bypass Security Restrictions UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) (21 June 2018) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-1181 \n \nCVE-2016-1181 | 8.1 \n \n8.1 | [Execute Code](<http://www-01.ibm.com/support/docview.wss?uid=swg21985995>) \n \n[Execute Code UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) (21 June 2018) | Not affected \n \nNot affected | 9.0, 8.5, 8.0, 7.0 \n9.0, 8.5. 8.0, 7.0 \nDROWN | CVE-2016-0800 | | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21978292>) | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21978317>) | \n| CVE-2016-0718 | 9.8 | Not affected | [Denial of Service with Expat](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) (13 Sept 2016) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-0702 | 2.9 | Not affected | [Vulnerability in GSKit Component](<http://www-01.ibm.com/support/docview.wss?uid=swg22015347>) | 9.0, 8.5, 8.0 \n| CVE-2016-0488 | 4.0 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0475 | 5.8 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0466 | 5.0 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0389 | 5.3 | [Information Disclosure Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21982012>) | Not affected | Liberty \n| CVE-2016-0385 | 3.1 | [Bypass security restrictions](<http://www-01.ibm.com/support/docview.wss?uid=swg21982588>) | Not affected | 9.0, 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0378 | 3.7 | [Information Disclosure Vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21981529>) | Not affected | Liberty \n| CVE-2016-0377 | 4.3 | [Information Disclosure vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21980645>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2016-0360 | 8.1 | [Deserialize objects with MQ Resource adapter](<http://www-01.ibm.com/support/docview.wss?uid=swg21996748>) 14.03.2017 | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2016-0359 | 6.1 | [HTTP Response Splitting](<http://www-01.ibm.com/support/docview.wss?uid=swg21982526>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2016-0306 | 3.7 | [Security vulnerability if FIPS 140-2 is enabled](<http://www-01.ibm.com/support/docview.wss?uid=swg21979231>) | Not affected | 8.5, 8.0,7.0, Liberty \n| CVE-2016-0283 | 6.1 | [Cross-site scripting vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21978293>) | Not affected | Liberty \n| CVE-2016-0201 | 5.9 | Not affected | [Vulnerability in GSKit component](<http://www-01.ibm.com/support/docview.wss?uid=swg21974507>) | 8.5, 8.0, 7.0 \n \n**2015 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \nSLOTH | CVE-2015-7575 | 7.1 | [IBM Java SDK for January 2016 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21975424>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-7450 | 9.8 | \n\n[Vulnerability in Apache Commons affects IBM WebSphere Application Server](<https://www-01.ibm.com/support/docview.wss?uid=swg21970575>) (21 Dec 2017)\n\n[Knowledge Center updates ](<https://www.ibm.com/support/pages/node/1107105>) (14 Nov 2019)\n\n| Not affected | \n\n8.5, 8.0, 7.0, Liberty\n\n9.0 \n \n| CVE-2015-7420 | 3.7 | Not affected | [Vulnerability in GSKit component](<http://www-01.ibm.com/support/docview.wss?uid=swg21974507>) | 8.5, 8.0, 7.0 \n| CVE-2015-7417 | 5.4 | [Cross-site scripting with OAuth](<http://www-01.ibm.com/support/docview.wss?uid=swg21974520>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-5262 | 5.3 | [Denial of Service](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2015-5006 | 4.6 | [IBM Java SDK for October 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21969620>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-4947 | 7.5 | Not affected | [Stack buffer overflow](<http://www-01.ibm.com/support/docview.wss?uid=swg21965419>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-4938 | 3.5 | [Spoof servlet vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21963275>) | | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-4872 | 5.0 | [IBM Java SDK for October 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21969620>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-4749 | 4.3 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-4734 | 5.0 | [IBM Java SDK for October 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21969620>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \nLog Jam | CVE-2015-4000 | 4.3 | [Logjam with Diffie-Hellman ciphers](<http://www-01.ibm.com/support/docview.wss?uid=swg21957980>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-3183 | 6.1 | Not affected | [HTTP Request smuggling](<http://www-01.ibm.com/support/docview.wss?uid=swg21963361>) | 8.5, 8.0, 7.0, 6.1 \nBar Mitzvah | CVE-2015-2808 | 5.0 | [Vulnerability in RC4 stream cipher affects WebSphere Application Server](<https://www-01.ibm.com/support/docview.wss?uid=swg21701503>) | [Vulnerability in RC4 stream cipher affects IBM HTTP Server and Caching Proxy](<https://www-01.ibm.com/support/docview.wss?uid=swg21701072>) | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2625 | 2.6 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2613 | 5.0 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2601 | 5.0 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-2017 | 5.0 | [HTTP response splitting attack](<http://www-01.ibm.com/support/docview.wss?uid=swg21966837>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-1946 | 4.1 | [Gain elevated privileges](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2015-1936 | 4 | [Hijack users session vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0 \n| CVE-2015-1932 | 5 | [Information Disclosure vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21963275>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2015-1931 | 2.1 | [IBM Java SDK for July 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21962931>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-1927 | 6.8 | [Gain elevated privileges vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-1920 | 9.3 | [Security vulnerability with management port in WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21883573>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-1916 | 5.0 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-1885 | 9.3 | [Gain elevated privileges with OAuth grant password](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2015-1882 | 8.5 | [Gain elevated privileges with EJB](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | Liberty \n| CVE-2015-1829 | 5.0 | Not affected | [Denial of Service on Windows with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21959081>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-1788 | 5.0 | Not affected | [Denial of Service in GSKIT with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21963362>) | 8.5, 8.0 \n| CVE-2015-1283 | 6.8 | Not affected | [Denial of Service with IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21964428>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-0899 | 4.3 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2015-0488 | 5.0 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0478 | 4.3 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0410 | 5.0 | [IBM Java SDK for January 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21695362>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-0400 | 5.0 | [IBM Java SDK for January 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21695362>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2015-0254 | 7.5 | [Security vulnerability in Apache Standard Taglibs](<http://www-01.ibm.com/support/docview.wss?uid=swg21978495>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0250 | 4.3 | [Security vulnerability in Apache Batik](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5, 8.0, 7.0, 6.1 \nGhost | CVE-2015-0235 | | Not affected | Not affected | \n| CVE-2015-0226 | 5.0 | [Security vulnerability in Apache WSS4J](<http://www-01.ibm.com/support/docview.wss?uid=swg21959083>) | Not affected | 8.5 \n| CVE-2015-0204 | 4.3 | [IBM Java SDK for April 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21902260>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2015-0174 | 3.5 | [Information disclosure with SNMP](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | 8.5 \n| CVE-2015-0175 | 4.0 | [Gain elevated privileges with authData elements](<http://www-01.ibm.com/support/docview.wss?uid=swg21697368>) | Not affected | Liberty \nFREAK | CVE-2015-0138 | 4.3 | [Vulnerability with RSA export Keys affects WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21698613>) | [Vulnerability with RSA export keys affects IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21698959>) | 8.5, 8.0, 7.0, 6.1, Liberty \n \n**2014 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2014-8917 | 4.3 | [Cross-site Scripting in Dojo Toolkit](<http://www-01.ibm.com/support/docview.wss?uid=swg21697284>) | Not affected | 8.5, 8.0 \n| CVE-2014-8890 | 5.1 | [Elevated Privileges in Liberty](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | Liberty \nTLS Padding | CVE-2014-8730 | 4.3 | [Not affected bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21692484>) | [TLS Padding in IBM HTTP Server](<http://www-01.ibm.com/support/docview.wss?uid=swg21692502>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-7810 | 5.0 | [Bypass security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729557>) | [Bypass security](<https://www-01.ibm.com/support/docview.wss?uid=ibm10729557>) | 9.0, 8.5, 8.0, 7.0, Liberty \nShell shock | CVE-2014-7189 \nCVE-2014-7186 \nCVE-2014-7169 \nCVE-2014-6278 \nCVE-2014-6277 \nCVE-2014-6271 | | [Bash Vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21685433>) \n \nNot affected but applications could be | [Bash Vulnerabilities](<http://www-01.ibm.com/support/docview.wss?uid=swg21685433>) \n \nNot affected but applications could be | Customer application might be vulnerable \n| CVE-2014-6593 | 4.0 | [IBM Java SDK for January 2015 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21695362>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6558 | 2.6 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6512 | 4.3 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6457 | 4.0 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-6174 | 4.3 | [Click jacking vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-6167 | | [Cross-site scripting](<https://www-304.ibm.com/support/docview.wss?uid=swg21682767>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2014-6166 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5, 8.0 \n| CVE-2014-6164 | 4.3 | [Spoofing vulnerability](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5 \n| CVE-2014-4816 | 3.5 | Not affected | [Cross-site scripting vulnerability](<https://www-304.ibm.com/support/docview.wss?uid=swg21682767>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-4770 | 3.5 | Not affected | [Cross-site request forgery](<https://www-304.ibm.com/support/docview.wss?uid=swg21682767>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-4767 | 4.3 | [Weaker than expected security](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | Liberty \n| CVE-2014-4764 | 7.1 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | 8.5, 8.0 \n| CVE-2014-4263 | 4.0 | [IBM Java SDK for July 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21680418>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-4244 | 4.0 | [IBM Java SDK for July 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21680418>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-3603 | 6.5 | [Spoofing](<https://www.ibm.com/support/pages/node/964764>) | Not affected | Liberty \n| CVE-2014-3577 | 4.3 | [Spoofing Vulnerability](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \nPOODLE | CVE-2014-3566 | 4.3 | [IBM Java SDK for October 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21687740>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-3083 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2014-3070 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21676222>) | Not affected | 8.5, 8.0 \n| CVE-2014-3068 | 2.4 | [IBM Java SDK for July 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21680418>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-3022 | 5.0 | [Bypass security](<https://www-304.ibm.com/support/docview.wss?uid=swg21676222>) | Not affected | 8.5, 8.0 \n| CVE-2014-3021 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21690185>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-0965 | 4.3 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-0964 | 7.1 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21671835>) | Not affected | 6.1 \n| CVE-2014-0963 | 7.1 | Not affected | [CPU exhaustion](<https://www-304.ibm.com/support/docview.wss?uid=swg21672843>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-0896 | 4.3 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | Liberty \n| CVE-2014-0891 | 5.0 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2014-0878 | 5.8 | [IBM Java SDK for April 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0859 | 5.0 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2014-0857 | 4.0 | [Obtain Information](<http://www-01.ibm.com/support/docview.wss?uid=swg21671835>) | Not affected | 8.5, 8.0 \n| CVE-2014-0823 | 4.3 | [View Files](<http://www-01.ibm.com/support/docview.wss?uid=swg21671835>) | Not affected | 8.5, 8.0, Liberty \n| CVE-2014-0460 | 5.8 | [IBM Java SDK for April 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0453 | 4.0 | [IBM Java SDK for April 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21673013>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0411 | 4.0 | [IBM Java SDK for January 2014 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21663938>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0231 | 5.0 | Not affected | [Denial of Service](<https://www-304.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-0226 | 7.5 | Not affected | [Heap buffer overflow](<https://www-304.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1, 6.0 \nHeartbleed | CVE-2014-0160 | | [Not affected Bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21669774>) | [Not affected Bulletin](<http://www-01.ibm.com/support/docview.wss?uid=swg21669774>) | \n| CVE-2014-0118 | 5.0 | Not affected | [Denial of Service](<https://www-304.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1, 6.0 \n| CVE-2014-0114 \nCVE-2014-0114 | 7.5 \n7.5 | [Execute code](<http://www-01.ibm.com/support/docview.wss?uid=swg21672316>) \n[Execute code UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) (21 June 2018) | Not affected | 7.0, 6.1 \n9.0, 8.5, 8.0, 7.0 \n| CVE-2014-0098 | 5.0 | Not affected | [Denial of service](<https://www-304.ibm.com/support/docview.wss?uid=swg21667526>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2014-0076 | 2.1 | Not affected | [Information Disclosure](<http://www-01.ibm.com/support/docview.wss?uid=swg21681249>) | 8.5, 8.0 \n| CVE-2014-0050 | 5.0 | [Denial of service](<http://www-01.ibm.com/support/docview.wss?uid=swg21667254>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n \n**2013 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2013-6747 | 7.1 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | 8.5, 8.0, 7.0 \n| CVE-2013-6738 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2013-6725 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21661323>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-6440 | 4.3 | [XML External Entity](<http://www-01.ibm.com/support/docview.wss?uid=swg22010415>) | Not affected | Liberty \n| CVE-2013-6438 | 4.3 | Not affected | [Buffer overflow](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | 8.5, 8.0, 7.0 \n| CVE-2013-6330 | 2.1 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21661323>) | Not affected | 7.0 \n| CVE-2013-6329 | 7.8 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21659548>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-6325 | 4.3 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21661323>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-6323 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21669554>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-5802 | 2.6 | [IBM Java SDK for Oct 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21655990>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-5780 | 4.3 | [IBM Java SDK for Oct 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21655990>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-5704 | 5 | Not affected | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21672428>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-5425 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5 \n| CVE-2013-5418 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-5417 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, 7.0 Liberty \n| CVE-2013-5414 | 3.5 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2013-5372 | 4.3 | [IBM Java SDK for Oct 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21655990>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4053 | 6.8 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21647522>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4052 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21647522>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4039 | 4 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21647485>) | Not affected | 8.5 \n| CVE-2013-4006 | 3.5 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | Liberty \n| CVE-2013-4005 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21644047>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-4004 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21644047>) | Not affected | 8.5, 8.0 \n| CVE-2013-3029 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21640799>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-3024 | 6.9 | [Execute code](<http://www-01.ibm.com/support/docview.wss?uid=swg21639553>) | Not affected | 8.5 \n| CVE-2013-2976 | 1.9 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21639553>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-2967 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21639553>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-1896 | 4.3 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21643362>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-1862 | 5.1 | Not affected | [Command execution](<http://www-01.ibm.com/support/docview.wss?uid=swg21635991>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-1768 | 10 | [Deserialization](<http://www-01.ibm.com/support/docview.wss?uid=swg21635999>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2013-1571 | 4.3 | [Clickjacking](<http://www-01.ibm.com/support/docview.wss?uid=swg21641387>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0599 | 5 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5 \n| CVE-2013-0597 | 3.5 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21635998>) | Not affected | 8.5, 8.0, 7.0, Liberty \n| CVE-2013-0596 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21647522>) | Not affected | 6.1 \n| CVE-2013-0565 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5 \n| CVE-2013-0544 | 3.5 | [File directory traversal](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0543 | 6.8 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0542 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0541 | 1.9 | [Buffer overflow](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0540 | 4.9 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | Liberty \n| CVE-2013-0482 | 2.6 | [Spoofing](<http://www-01.ibm.com/support/docview.wss?uid=swg21634646>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0467 | 4 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5 \n| CVE-2013-0464 | 4.3 | [Execute code](<http://www-01.ibm.com/support/docview.wss?uid=swg21651880>) | Not affected | 8.5, 8.0, \n| CVE-2013-0462 | 6.5 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21632423>) | Not affected | 8.5, 8.0, 7.0, 6.1, Liberty \n| CVE-2013-0461 | 1.2 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0460 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0459 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0458 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21622444>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0443 | 4 | [IBM Java SDK for Feb 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21627634>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2013-0440 | 5 | [IBM Java SDK for Feb 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21627634>) | Not affected | 8.5, 8.0, 7.0, 6.1 \nLucky Thirteen | CVE-2013-0169 | 4.3 | [IBM Java SDK for Feb 2013 CPU](<http://www-01.ibm.com/support/docview.wss?uid=swg21627634>) | [Side Channel Attack](<http://www-01.ibm.com/support/docview.wss?uid=swg21635988>) | 8.5, 8.0, 7.0, 6.1 \n \n**2012 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2012-6153 | 4.3 | [Spoofing Vulnerability](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2012-5783 | 4.3 | [Spoofing attacks](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-4853 | 4.3 | [Cross-site request Forgery](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-4851 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | Liberty \n| CVE-2012-4850 | 7.5 | [Privilege escalation](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>) | Not affected | Liberty \n| CVE-2012-3330 | 5 | [Denial of Servic](<http://www-01.ibm.com/support/docview.wss?uid=swg21614265>)e | Not affected | 8.5, 8.0, 7.0 \n| CVE-2012-3325 | 6 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21609067>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-3311 | 3 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2012-3306 | 4.3 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0 \n| CVE-2012-3305 | 5.8 | [File directory traversal](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-3304 | 6.8 | [Hijack session](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-3293 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21611313>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-2191 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21606096>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-2190 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21606096>) | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-2170 | 4.3 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg21595172>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2012-2159 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21606096>) | Not affected | 8.5, 8.0 \n| CVE-2012-2098 | 5 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21644047>) | Not affected | 8.5, 8.0, 7.0, 6.1 \n| CVE-2012-1148 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-1007 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) | Not affected | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-0876 | 5 | Not affected | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21988026>) | 9.0, 8.5, 8.0, 7.0 \n| CVE-2012-0720 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2012-0717 | 2.6 | [Bypass security](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 7.0, 6.1 \n| CVE-2012-0716 | 4.3 | [Cross-site scripting](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2012-0193 | 5 | [Denial of Service](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n \n**2011 CVEs**\n\n**Name**\n\n| \n\n**CVE**\n\n| \n\n**CVSS Score**\n\n| \n\n**WebSphere Application Server Bulletin or Assessment**\n\n| \n\n**IBM HTTP Server Bulletin or Assessment**\n\n| \n\n**Versions Affected** \n \n---|---|---|---|---|--- \n| CVE-2011-4889 | 5 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2011-4343 | 5 | [Obtain sensitive information](<http://www-01.ibm.com/support/docview.wss?uid=swg22008707>) | Not affected | 8.5, 8.0, Liberty \n| CVE-2011-1498 | 5 | [Information Disclosure](<https://www.ibm.com/support/pages/node/6453091>) | Not affected | 9.0, 8.5, 8.0 \n| CVE-2011-1377 | 2.1 | [Weaker security](<http://www-01.ibm.com/support/docview.wss?uid=swg21589257>) | Not affected | 8.0, 7.0, 6.1 \n| CVE-2011-1376 | 4.4 | [Insecure permissions](<http://www-01.ibm.com/support/docview.wss?uid=swg21587015>) | Not affected | 8.0, 7.0, 6.1 \n \n**Important note: **IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the [System z Security web site](<https://www.ibm.com/it-infrastructure/z/capabilities/system-integrity>). Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.\n\n[{\"Product\":{\"code\":\"SSEQTP\",\"label\":\"WebSphere Application Server\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\"Security\",\"Platform\":[{\"code\":\"PF002\",\"label\":\"AIX\"},{\"code\":\"PF010\",\"label\":\"HP-UX\"},{\"code\":\"PF012\",\"label\":\"IBM i\"},{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF027\",\"label\":\"Solaris\"},{\"code\":\"PF033\",\"label\":\"Windows\"},{\"code\":\"PF035\",\"label\":\"z\\/OS\"}],\"Version\":\"9.0.0.0;8.5.5;8.5;8.0;7.0;6.1\",\"Edition\":\"Advanced;Base;Developer;Express;Liberty;Network Deployment\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Product\":{\"code\":\"SSEQTJ\",\"label\":\"IBM HTTP Server\"},\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud \\u0026 Data Platform\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}},{\"Product\":{\"code\":\"SSCKBL\",\"label\":\"WebSphere Application Server Hypervisor Edition\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Product\":{\"code\":\"SSD28V\",\"label\":\"WebSphere Application Server Liberty Core\"},\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Component\":\" \",\"Platform\":[{\"code\":\"\",\"label\":\"\"}],\"Version\":\"\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-07-13T18:04:48", "type": "ibm", "title": "WebSphere Application Server and IBM HTTP Server Security Bulletin List", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1376", "CVE-2011-1377", "CVE-2011-1498", "CVE-2011-4343", "CVE-2011-4889", "CVE-2012-0193", "CVE-2012-0716", "CVE-2012-0717", "CVE-2012-0720", "CVE-2012-0876", "CVE-2012-1007", "CVE-2012-1148", "CVE-2012-2098", "CVE-2012-2159", "CVE-2012-2170", "CVE-2012-2190", "CVE-2012-2191", "CVE-2012-3293", "CVE-2012-3304", "CVE-2012-3305", "CVE-2012-3306", "CVE-2012-3311", "CVE-2012-3325", "CVE-2012-3330", "CVE-2012-4850", "CVE-2012-4851", "CVE-2012-4853", "CVE-2012-5783", "CVE-2012-6153", "CVE-2013-0169", "CVE-2013-0440", "CVE-2013-0443", "CVE-2013-0458", "CVE-2013-0459", "CVE-2013-0460", "CVE-2013-0461", "CVE-2013-0462", "CVE-2013-0464", "CVE-2013-0467", "CVE-2013-0482", "CVE-2013-0540", "CVE-2013-0541", "CVE-2013-0542", "CVE-2013-0543", "CVE-2013-0544", "CVE-2013-0565", "CVE-2013-0596", "CVE-2013-0597", "CVE-2013-0599", "CVE-2013-1571", "CVE-2013-1768", "CVE-2013-1862", "CVE-2013-1896", "CVE-2013-2967", "CVE-2013-2976", "CVE-2013-3024", "CVE-2013-3029", "CVE-2013-4004", "CVE-2013-4005", "CVE-2013-4006", "CVE-2013-4039", "CVE-2013-4052", "CVE-2013-4053", "CVE-2013-5372", "CVE-2013-5414", "CVE-2013-5417", "CVE-2013-5418", "CVE-2013-5425", "CVE-2013-5704", "CVE-2013-5780", "CVE-2013-5802", "CVE-2013-6323", "CVE-2013-6325", "CVE-2013-6329", "CVE-2013-6330", "CVE-2013-6438", "CVE-2013-6440", "CVE-2013-6725", "CVE-2013-6738", "CVE-2013-6747", "CVE-2014-0050", "CVE-2014-0076", "CVE-2014-0098", "CVE-2014-0114", "CVE-2014-0118", "CVE-2014-0160", "CVE-2014-0226", "CVE-2014-0231", "CVE-2014-0411", "CVE-2014-0453", "CVE-2014-0460", "CVE-2014-0823", "CVE-2014-0857", "CVE-2014-0859", "CVE-2014-0878", "CVE-2014-0891", "CVE-2014-0896", "CVE-2014-0963", "CVE-2014-0964", "CVE-2014-0965", "CVE-2014-3021", "CVE-2014-3022", "CVE-2014-3068", "CVE-2014-3070", "CVE-2014-3083", "CVE-2014-3566", "CVE-2014-3577", "CVE-2014-3603", "CVE-2014-4244", "CVE-2014-4263", "CVE-2014-4764", "CVE-2014-4767", "CVE-2014-4770", "CVE-2014-4816", "CVE-2014-6164", "CVE-2014-6166", "CVE-2014-6167", "CVE-2014-6174", "CVE-2014-6271", "CVE-2014-6277", "CVE-2014-6278", "CVE-2014-6457", "CVE-2014-6512", "CVE-2014-6558", "CVE-2014-6593", "CVE-2014-7169", "CVE-2014-7186", "CVE-2014-7189", "CVE-2014-7810", "CVE-2014-8730", "CVE-2014-8890", "CVE-2014-8917", "CVE-2015-0138", "CVE-2015-0174", "CVE-2015-0175", "CVE-2015-0204", "CVE-2015-0226", "CVE-2015-0235", "CVE-2015-0250", "CVE-2015-0254", "CVE-2015-0400", "CVE-2015-0410", "CVE-2015-0478", "CVE-2015-0488", "CVE-2015-0899", "CVE-2015-1283", "CVE-2015-1788", "CVE-2015-1829", "CVE-2015-1882", "CVE-2015-1885", "CVE-2015-1916", "CVE-2015-1920", "CVE-2015-1927", "CVE-2015-1931", "CVE-2015-1932", "CVE-2015-1936", "CVE-2015-1946", "CVE-2015-2017", "CVE-2015-2601", "CVE-2015-2613", "CVE-2015-2625", "CVE-2015-2808", "CVE-2015-3183", "CVE-2015-4000", "CVE-2015-4734", "CVE-2015-4749", "CVE-2015-4872", "CVE-2015-4938", "CVE-2015-4947", "CVE-2015-5006", "CVE-2015-5262", "CVE-2015-7417", "CVE-2015-7420", "CVE-2015-7450", "CVE-2015-7575", "CVE-2016-0201", "CVE-2016-0283", "CVE-2016-0306", "CVE-2016-0359", "CVE-2016-0360", "CVE-2016-0377", "CVE-2016-0378", "CVE-2016-0385", "CVE-2016-0389", "CVE-2016-0466", "CVE-2016-0475", "CVE-2016-0488", "CVE-2016-0702", "CVE-2016-0718", "CVE-2016-0800", "CVE-2016-1000031", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-2183", "CVE-2016-2923", "CVE-2016-2945", "CVE-2016-2960", "CVE-2016-3040", "CVE-2016-3042", "CVE-2016-3092", "CVE-2016-3426", "CVE-2016-3427", "CVE-2016-3485", "CVE-2016-4472", "CVE-2016-4975", "CVE-2016-5387", "CVE-2016-5546", "CVE-2016-5547", "CVE-2016-5548", "CVE-2016-5549", "CVE-2016-5573", "CVE-2016-5597", "CVE-2016-5983", "CVE-2016-5986", "CVE-2016-7056", "CVE-2016-8743", "CVE-2016-8919", "CVE-2016-8934", "CVE-2016-9736", "CVE-2017-10102", "CVE-2017-10115", "CVE-2017-10116", "CVE-2017-10356", "CVE-2017-10388", "CVE-2017-1121", "CVE-2017-1137", "CVE-2017-1151", "CVE-2017-1194", "CVE-2017-12613", "CVE-2017-12618", "CVE-2017-12624", "CVE-2017-1380", "CVE-2017-1381", "CVE-2017-1382", "CVE-2017-1501", "CVE-2017-1503", "CVE-2017-1504", "CVE-2017-15710", "CVE-2017-15715", "CVE-2017-1583", "CVE-2017-1681", "CVE-2017-1731", "CVE-2017-1741", "CVE-2017-1743", "CVE-2017-1788", "CVE-2017-3167", "CVE-2017-3511", "CVE-2017-3732", "CVE-2017-3736", "CVE-2017-5638", "CVE-2017-7668", "CVE-2017-7679", "CVE-2017-9798", "CVE-2018-10237", "CVE-2018-12539", "CVE-2018-12547", "CVE-2018-1301", "CVE-2018-1388", "CVE-2018-1426", "CVE-2018-1427", "CVE-2018-1447", "CVE-2018-1553", "CVE-2018-1567", "CVE-2018-1614", "CVE-2018-1621", "CVE-2018-1626", "CVE-2018-1643", "CVE-2018-1656", "CVE-2018-1683", "CVE-2018-1695", "CVE-2018-1719", "CVE-2018-17199", "CVE-2018-1755", "CVE-2018-1767", "CVE-2018-1770", "CVE-2018-1777", "CVE-2018-1793", "CVE-2018-1794", "CVE-2018-1797", "CVE-2018-1798", "CVE-2018-1840", "CVE-2018-1851", "CVE-2018-1890", "CVE-2018-1901", "CVE-2018-1902", "CVE-2018-1904", "CVE-2018-1905", "CVE-2018-1926", "CVE-2018-1957", "CVE-2018-1996", "CVE-2018-20843", "CVE-2018-25031", "CVE-2018-2579", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2783", "CVE-2018-2800", "CVE-2018-3139", "CVE-2018-3180", "CVE-2018-8039", "CVE-2019-0211", "CVE-2019-0220", "CVE-2019-10086", "CVE-2019-10092", "CVE-2019-10098", "CVE-2019-11777", "CVE-2019-12402", "CVE-2019-12406", "CVE-2019-17495", "CVE-2019-17566", "CVE-2019-17573", "CVE-2019-2426", "CVE-2019-2949", "CVE-2019-2989", "CVE-2019-4030", "CVE-2019-4046", "CVE-2019-4080", "CVE-2019-4268", "CVE-2019-4269", "CVE-2019-4270", "CVE-2019-4271", "CVE-2019-4279", "CVE-2019-4285", "CVE-2019-4304", "CVE-2019-4305", "CVE-2019-4441", "CVE-2019-4442", "CVE-2019-4477", "CVE-2019-4505", "CVE-2019-4663", "CVE-2019-4670", "CVE-2019-4720", "CVE-2019-4732", "CVE-2019-9512", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9517", "CVE-2019-9518", "CVE-2020-10693", "CVE-2020-11985", "CVE-2020-13938", "CVE-2020-14577", "CVE-2020-14578", "CVE-2020-14579", "CVE-2020-14581", "CVE-2020-14621", "CVE-2020-14781", "CVE-2020-14782", "CVE-2020-14797", "CVE-2020-1927", "CVE-2020-1934", "CVE-2020-2590", "CVE-2020-2593", "CVE-2020-2601", "CVE-2020-2654", "CVE-2020-27221", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-4163", "CVE-2020-4276", "CVE-2020-4303", "CVE-2020-4304", "CVE-2020-4329", "CVE-2020-4362", "CVE-2020-4365", "CVE-2020-4421", "CVE-2020-4448", "CVE-2020-4449", "CVE-2020-4450", "CVE-2020-4464", "CVE-2020-4534", "CVE-2020-4575", "CVE-2020-4576", "CVE-2020-4578", "CVE-2020-4589", "CVE-2020-4590", "CVE-2020-4629", "CVE-2020-4643", "CVE-2020-4782", "CVE-2020-4949", "CVE-2020-5016", "CVE-2020-5258", "CVE-2021-20353", "CVE-2021-20354", "CVE-2021-20453", "CVE-2021-20454", "CVE-2021-20480", "CVE-2021-20492", "CVE-2021-20517", "CVE-2021-2161", "CVE-2021-23450", "CVE-2021-2369", "CVE-2021-26296", "CVE-2021-26690", "CVE-2021-26691", "CVE-2021-29736", "CVE-2021-29754", "CVE-2021-29842", "CVE-2021-30641", "CVE-2021-34798", "CVE-2021-35517", "CVE-2021-35550", "CVE-2021-35564", "CVE-2021-35578", "CVE-2021-35603", "CVE-2021-36090", "CVE-2021-38951", "CVE-2021-39031", "CVE-2021-39038", "CVE-2021-39275", "CVE-2021-40438", "CVE-2021-4104", "CVE-2021-44224", "CVE-2021-44228", "CVE-2021-44790", "CVE-2021-44832", "CVE-2021-45046", "CVE-2021-45105", "CVE-2021-45960", "CVE-2021-46143", "CVE-2021-46708", "CVE-2022-21229", "CVE-2022-21299", "CVE-2022-21340", "CVE-2022-21496", "CVE-2022-22310", "CVE-2022-22365", "CVE-2022-22393", "CVE-2022-22473", "CVE-2022-22475", "CVE-2022-22476", "CVE-2022-22477", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-22822", "CVE-2022-22823", "CVE-2022-22824", "CVE-2022-22825", "CVE-2022-22826", "CVE-2022-22827", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307", "CVE-2022-23852", "CVE-2022-23990", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25313", "CVE-2022-25315", "CVE-2022-26377", "CVE-2022-28614", "CVE-2022-28615", "CVE-2022-29404", "CVE-2022-30556", "CVE-2022-31813"], "modified": "2022-07-13T18:04:48", "id": "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "href": "https://www.ibm.com/support/pages/node/710969", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-09-30T20:50:15", "description": "The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-07-04T22:59:00", "type": "cve", "title": "CVE-2015-0899", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2018-07-01T01:29:00", "cpe": ["cpe:/a:apache:struts:1.2.6", "cpe:/a:apache:struts:1.2.9", "cpe:/a:apache:struts:1.3.10", "cpe:/a:apache:struts:1.0.2", "cpe:/a:apache:struts:1.3.5", "cpe:/a:apache:struts:1.2.8", "cpe:/a:apache:struts:1.0", "cpe:/a:apache:struts:1.2.2", "cpe:/a:apache:struts:1.3.8", "cpe:/a:apache:struts:1.2.4", "cpe:/a:apache:struts:1.2.7", "cpe:/a:apache:struts:1.1"], "id": "CVE-2015-0899", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0899", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-09-30T06:17:56", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-04T22:59:00", "type": "cve", "title": "CVE-2016-1181", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1181"], "modified": "2020-07-15T03:15:00", "cpe": ["cpe:/a:apache:struts:1.0.2", "cpe:/a:apache:struts:1.1", "cpe:/a:apache:struts:1.3.10", "cpe:/a:apache:struts:1.3.6", "cpe:/a:apache:struts:1.2.8", "cpe:/a:apache:struts:1.3.7", "cpe:/a:apache:struts:1.2.6", "cpe:/a:oracle:portal:11.1.1.6", "cpe:/a:apache:struts:1.2.0", "cpe:/a:oracle:banking_platform:2.3.0", "cpe:/a:apache:struts:1.3.8", "cpe:/a:apache:struts:1.2.1", "cpe:/a:apache:struts:1.2.9", "cpe:/a:apache:struts:1.2.5", "cpe:/a:apache:struts:1.3.9", "cpe:/a:apache:struts:1.2.2", "cpe:/a:apache:struts:1.3.5", "cpe:/a:oracle:banking_platform:2.4.0", "cpe:/a:apache:struts:1.0", "cpe:/a:apache:struts:1.2.3", "cpe:/a:apache:struts:1.0.1", "cpe:/a:apache:struts:1.2.7", "cpe:/a:oracle:banking_platform:2.4.1", "cpe:/a:oracle:banking_platform:2.5.0", "cpe:/a:apache:struts:1.2.4"], "id": "CVE-2016-1181", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1181", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*", "cpe:2.3:a:oracle:portal:11.1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*"]}, {"lastseen": "2023-09-30T06:11:31", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2016-07-04T22:59:00", "type": "cve", "title": "CVE-2016-1182", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182"], "modified": "2020-07-15T03:15:00", "cpe": ["cpe:/a:apache:struts:1.0.2", "cpe:/a:apache:struts:1.1", "cpe:/a:apache:struts:1.3.10", "cpe:/a:apache:struts:1.3.6", "cpe:/a:apache:struts:1.2.8", "cpe:/a:apache:struts:1.3.7", "cpe:/a:apache:struts:1.2.6", "cpe:/a:apache:struts:1.2.0", "cpe:/a:apache:struts:1.3.8", "cpe:/a:apache:struts:1.2.1", "cpe:/a:apache:struts:1.2.9", "cpe:/a:apache:struts:1.2.5", "cpe:/a:apache:struts:1.3.9", "cpe:/a:apache:struts:1.2.2", "cpe:/a:apache:struts:1.3.5", "cpe:/a:apache:struts:1.2.3", "cpe:/a:apache:struts:1.0", "cpe:/a:apache:struts:1.0.1", "cpe:/a:apache:struts:1.2.7", "cpe:/a:apache:struts:1.2.4"], "id": "CVE-2016-1182", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1182", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apache:struts:1.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:b1:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:b2:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.1:b3:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:struts:1.2.8:*:*:*:*:*:*:*"]}], "jvn": [{"lastseen": "2023-09-30T23:41:54", "description": "The Validator in Apache Struts 1.1 and later contains a function (MPV -- Multi Page Validator) to efficiently define rules for input validation across multiple pages during screen transitions. \nThe MPV contains a vulnerability where input validation may be bypassed. \nWhen the Apache Struts 1 Validator is used, the web application may be vulnerable even when the MPV is not used explicitly.\n\n ## Impact\n\nInput validation being bypassed may result in invalid data being entered into the database. Affects of the vulnerability depend on the application.\n\n ## Solution\n\n**Apply an Update** \nUpdate to the latest version according to the information provided by the developer.\n\n ## Products Affected\n\n * S2Struts 1.2.13 and earlier\n * S2Struts 1.3.2 and earlier\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-04-10T00:00:00", "type": "jvn", "title": "JVN#91383083: Seasar S2Struts vulnerable to input validation bypass", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2015-04-10T00:00:00", "id": "JVN:91383083", "href": "http://jvn.jp/en/jp/JVN91383083/index.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-09-30T23:43:24", "description": "The Validator in Apache Struts 1.1 and later contains a function (MPV -- Multi Page Validator) to efficiently define rules for input validation across multiple pages during screen transitions. \nThe MPV contains a vulnerability where input validation may be bypassed. \nWhen the Apache Struts 1 Validator is used, the web application may be vulnerable even when the MPV is not used explicitly.\n\n ## Impact\n\nInput validation being bypassed may result in invalid data being entered into the database. Affects of the vulnerability depend on the application.\n\n ## Solution\n\n**Apply an Update** \nUpdate to the latest version according to the information provided by the developer. \n \nOn March 24, 2015, TERASOLUNA Server Framework for Java(Web) 2.0.5.3 which includes Apache Struts 1.2.9 with SP2 by TERASOLUNA was released to address this vulnerability. \nAccording to NTT Data Corporation, they have also released [Apache Struts 1.2.9 with SP2 by TERASOLUNA](<http://sourceforge.jp/projects/terasoluna/wiki/StrutsPatch2-JP>) separately to address this vulnerability.\n\n ## Products Affected\n\n * TERASOLUNA Server Framework for Java(WEB) versions 2.0.0.1 through 2.0.5.2\n\nFor more information, refer to the information provided by the developer. \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-03-24T00:00:00", "type": "jvn", "title": "JVN#86448949: The Validator in TERASOLUNA Server Framework for Java(WEB) vulnerable to input validation bypass", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2015-04-10T00:00:00", "id": "JVN:86448949", "href": "http://jvn.jp/en/jp/JVN86448949/index.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:35:10", "description": "It was discovered that libstruts1.2-java,\na Java framework for MVC applications, contains a bug in its multi-page validation\ncode. This allows input validation to be bypassed, even if MPV is not used\ndirectly.", "cvss3": {}, "published": "2016-03-31T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3536-1 (libstruts1.2-java - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703536", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703536", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3536.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3536-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703536\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2015-0899\");\n script_name(\"Debian Security Advisory DSA 3536-1 (libstruts1.2-java - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-03-31 00:00:00 +0200 (Thu, 31 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3536.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"libstruts1.2-java on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 1.2.9-5+deb7u2.\n\nWe recommend that you upgrade your libstruts1.2-java packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that libstruts1.2-java,\na Java framework for MVC applications, contains a bug in its multi-page validation\ncode. This allows input validation to be bypassed, even if MPV is not used\ndirectly.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libstruts1.2-java\", ver:\"1.2.9-5+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-24T12:54:27", "description": "It was discovered that libstruts1.2-java,\na Java framework for MVC applications, contains a bug in its multi-page validation\ncode. This allows input validation to be bypassed, even if MPV is not used\ndirectly.", "cvss3": {}, "published": "2016-03-31T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3536-1 (libstruts1.2-java - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703536", "href": "http://plugins.openvas.org/nasl.php?oid=703536", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3536.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3536-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703536);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2015-0899\");\n script_name(\"Debian Security Advisory DSA 3536-1 (libstruts1.2-java - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-03-31 00:00:00 +0200 (Thu, 31 Mar 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3536.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"libstruts1.2-java on Debian Linux\");\n script_tag(name: \"insight\", value: \"The core of the Struts framework is\na flexible control layer based on standard technologies like Servlets, JavaBeans,\nResourceBundles, and Extensible Markup Language (XML), as well as various Apache\nCommons packages. Struts encourages application architectures based on the Model\n2 approach, a variation of the classic Model-View-Controller (MVC) design\nparadigm.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 1.2.9-5+deb7u2.\n\nWe recommend that you upgrade your libstruts1.2-java packages.\");\n script_tag(name: \"summary\", value: \"It was discovered that libstruts1.2-java,\na Java framework for MVC applications, contains a bug in its multi-page validation\ncode. This allows input validation to be bypassed, even if MPV is not used\ndirectly.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libstruts1.2-java\", ver:\"1.2.9-5+deb7u2\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:36:07", "description": "Mageia Linux Local Security Checks mgasa-2015-0351", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0351", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310130036", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130036", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0351.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130036\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 10:41:50 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0351\");\n script_tag(name:\"insight\", value:\"Updated struts packages fix security vulnerability: The Validator in Apache Struts 1.1 and later contains a function to efficiently define rules for input validation across multiple pages during screen transitions. This function contains a vulnerability where input validation may be bypassed. When the Apache Struts 1 Validator is used, the web application may be vulnerable even when this function is not used explicitly (CVE-2015-0899).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0351.html\");\n script_cve_id(\"CVE-2015-0899\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0351\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"struts\", rpm:\"struts~1.3.10~8.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-09-04T00:00:00", "type": "openvas", "title": "Fedora Update for struts FEDORA-2015-14237", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869914", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869914", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for struts FEDORA-2015-14237\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869914\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-04 08:13:10 +0200 (Fri, 04 Sep 2015)\");\n script_cve_id(\"CVE-2015-0899\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for struts FEDORA-2015-14237\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'struts'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"struts on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-14237\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/165517.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"struts\", rpm:\"struts~1.3.10~14.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-05T18:54:34", "description": "This host is running Apache Struts and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-11-18T00:00:00", "type": "openvas", "title": "Apache Struts Multiple Vulnerabilities-01 Nov16 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182", "CVE-2016-1181"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310808538", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808538", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_struts_mult_vuln01_nov16_win.nasl 60709 2016-11-18 14:43:17 +0530 Nov$\n#\n# Apache Struts Multiple Vulnerabilities-01 Nov16 (Windows)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:struts\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808538\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-1181\", \"CVE-2016-1182\", \"CVE-2015-0899\");\n script_bugtraq_id(91068, 91067, 74423);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-11-18 14:43:17 +0530 (Fri, 18 Nov 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Apache Struts Multiple Vulnerabilities-01 Nov16 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is running Apache Struts and is\n prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An 'actionServlet.java' script mishandles multithreaded access to an\n ActionForm instance.\n\n - An 'actionServlet.java' script does not properly restrict the Validator\n configuration.\n\n - An error in the MultiPageValidator implementation.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code or cause a denial of service or conduct\n cross-site scripting or bypass intended access restrictions.\");\n\n script_tag(name:\"affected\", value:\"Apache Struts Version 1.0 through 1.3.10\n on Windows.\");\n\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year since the disclosure\n of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer\n release, disable respective features, remove the product or replace the product by another one.\");\n\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n\n script_xref(name:\"URL\", value:\"http://jvn.jp/en/jp/JVN03188560/index.html\");\n script_xref(name:\"URL\", value:\"http://jvn.jp/en/jp/JVN65044642/index.html\");\n script_xref(name:\"URL\", value:\"http://jvn.jp/en/jp/JVN86448949/index.html\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_apache_struts_detect.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/www\", 8080);\n script_mandatory_keys(\"ApacheStruts/installed\", \"Host/runs_windows\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!appPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!appVer = get_app_version(cpe:CPE, port:appPort)){\n exit(0);\n}\n\n## Vulnerable version according to Advisory\nif(appVer =~ \"^(1\\.)\")\n{\n if(version_in_range(version:appVer, test_version:\"1.0\", test_version2:\"1.3.10\"))\n {\n report = report_fixed_ver(installed_version:appVer, fixed_version:\"WillNotFix\");\n security_message(data:report, port:appPort);\n exit(0);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-05T18:54:08", "description": "This host is running Apache Struts and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2016-11-18T00:00:00", "type": "openvas", "title": "Apache Struts Multiple Vulnerabilities-01 Nov16 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182", "CVE-2016-1181"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310809478", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809478", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apache_struts_mult_vuln01_nov16_lin.nasl 60709 2016-11-18 14:43:17 +0530 Nov$\n#\n# Apache Struts Multiple Vulnerabilities-01 Nov16 (Linux)\n#\n# Authors:\n# Tushar Khelge <ktushar@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:struts\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809478\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-1181\", \"CVE-2016-1182\", \"CVE-2015-0899\");\n script_bugtraq_id(91068, 91067, 74423);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-11-18 14:46:45 +0530 (Fri, 18 Nov 2016)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_name(\"Apache Struts Multiple Vulnerabilities-01 Nov16 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is running Apache Struts and is\n prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - An 'actionServlet.java' script mishandles multithreaded access to an\n ActionForm instance.\n\n - An 'actionServlet.java' script does not properly restrict the Validator\n configuration.\n\n - An error in the MultiPageValidator implementation.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code or cause a denial of service or conduct\n cross-site scripting or bypass intended access restrictions.\");\n\n script_tag(name:\"affected\", value:\"Apache Struts Version 1.0 through 1.3.10\n on Linux.\");\n\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year since the disclosure\n of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer\n release, disable respective features, remove the product or replace the product by another one.\");\n\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n\n script_xref(name:\"URL\", value:\"http://jvn.jp/en/jp/JVN03188560/index.html\");\n script_xref(name:\"URL\", value:\"http://jvn.jp/en/jp/JVN65044642/index.html\");\n script_xref(name:\"URL\", value:\"http://jvn.jp/en/jp/JVN86448949/index.html\");\n\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_apache_struts_detect.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/www\", 8080);\n script_mandatory_keys(\"ApacheStruts/installed\", \"Host/runs_unixoide\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!appPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!appVer = get_app_version(cpe:CPE, port:appPort)){\n exit(0);\n}\n\n## Vulnerable version according to Advisory\nif(appVer =~ \"^(1\\.)\")\n{\n if(version_in_range(version:appVer, test_version:\"1.0\", test_version2:\"1.3.10\"))\n {\n report = report_fixed_ver(installed_version:appVer, fixed_version:\"WillNotFix\");\n security_message(data:report, port:appPort);\n exit(0);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "f5": [{"lastseen": "2021-06-08T18:45:05", "description": "**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nRecommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, you should permit access to the ARX GUI only over a secure network. Additionally, F5 recommends that you use the ARX command line instead of the GUI. \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2015-04-15T00:00:00", "type": "f5", "title": "SOL16444 - Apache vulnerability CVE-2015-0899", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2015-04-15T00:00:00", "id": "SOL16444", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/400/sol16444.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2021-06-08T18:45:13", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 8.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2016-06-16T00:00:00", "type": "f5", "title": "SOL04403302 - Apache Struts 1 vulnerability CVE-2016-1182", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182"], "modified": "2016-08-02T00:00:00", "id": "SOL04403302", "href": "http://support.f5.com/kb/en-us/solutions/public/k/04/sol04403302.html", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:21", "description": "\nF5 Product Development has assigned ID 459592 (ARX) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nARX| 6.2.0 - 6.4.0| None| Low| Apache Struts 1 \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 8.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2016-06-16T20:59:00", "type": "f5", "title": "Apache Struts 1 vulnerability CVE-2016-1182 ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182"], "modified": "2017-04-06T16:51:00", "id": "F5:K04403302", "href": "https://support.f5.com/csp/article/K04403302", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-06-08T00:16:27", "description": "\nF5 Product Development has assigned ID 459592 (ARX) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nARX| 6.2.0 - 6.4.0| None| Low| ARX Manager GUI \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-14T04:12:00", "type": "f5", "title": "Apache Struts 1 vulnerability CVE-2016-1181", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1181"], "modified": "2017-03-13T23:05:00", "id": "F5:K40444230", "href": "https://support.f5.com/csp/article/K40444230", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:45:13", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-13T00:00:00", "type": "f5", "title": "SOL40444230 - Apache Struts 1 vulnerability CVE-2016-1181", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1181"], "modified": "2016-08-02T00:00:00", "id": "SOL40444230", "href": "http://support.f5.com/kb/en-us/solutions/public/k/40/sol40444230.html", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2023-05-18T14:16:19", "description": "fix CVE-2015-0899\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-09-04T00:00:00", "type": "nessus", "title": "Fedora 22 : struts-1.3.10-14.fc22 (2015-14237)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:struts", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-14237.NASL", "href": "https://www.tenable.com/plugins/nessus/85773", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-14237.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85773);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-0899\");\n script_xref(name:\"FEDORA\", value:\"2015-14237\");\n\n script_name(english:\"Fedora 22 : struts-1.3.10-14.fc22 (2015-14237)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fix CVE-2015-0899\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1256620\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-September/165517.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5759dac1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected struts package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:struts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"struts-1.3.10-14.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"struts\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:58", "description": "The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through 8.0.0.15, 8.5.0.x prior to 8.5.5.14, or 9.x prior to 9.0.0.8. It is, therefore, affected by a vulnerability in the Apache Struts subcomponent deu to an error in the MultiPageValidator implementation. An unauthenticated, remote attacker can exploit this, using a modified page parameter, to bypass restrictions and launch further attacks on the system.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-10-30T00:00:00", "type": "nessus", "title": "IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.x < 9.0.0.8 Security Bypass (CVE-2015-0899)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2020-11-30T00:00:00", "cpe": ["cpe:/a:ibm:websphere_application_server"], "id": "WEBSPHERE_711779.NASL", "href": "https://www.tenable.com/plugins/nessus/142140", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142140);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/30\");\n\n script_cve_id(\"CVE-2015-0899\");\n\n script_name(english:\"IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.x < 9.0.0.8 Security Bypass (CVE-2015-0899)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application server is affected by a security bypass vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through\n8.0.0.15, 8.5.0.x prior to 8.5.5.14, or 9.x prior to 9.0.0.8. It is, therefore, affected by a vulnerability in the\nApache Struts subcomponent deu to an error in the MultiPageValidator implementation. An unauthenticated, remote attacker\ncan exploit this, using a modified page parameter, to bypass restrictions and launch further attacks on the system.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/711779\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM WebSphere Application Server 8.5.5.14, 9.0.0.8 or later. Alternatively, upgrade to the minimal fix pack\nlevels required by the interim fix and then apply Interim Fix PI95655 and PI98928.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-0899\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:websphere_application_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"websphere_detect.nasl\", \"ibm_enum_products.nbin\", \"ibm_websphere_application_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM WebSphere Application Server\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'IBM WebSphere Application Server';\nfix = 'Interim Fix PI98928 and PI95655';\n\napp_info = vcf::combined_get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\n# If the detection is only remote, Source will be set, and we should require paranoia\nif (!empty_or_null(app_info['Source']) && app_info['Source'] != 'unknown' && report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nif (app_info['version'] =~ \"^7\\.\")\n{\n fix = 'Interim Fix PI95655';\n if ('PI95655' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n}\nelse if ('PI95655' >< app_info['Fixes'] && 'PI98928' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nconstraints = [\n {'min_version':'7.0.0.0', 'max_version':'7.0.0.45', 'fixed_display':fix},\n {'min_version':'8.0.0.0', 'max_version':'8.0.0.15', 'fixed_display':fix},\n {'min_version':'8.5.0.0', 'max_version':'8.5.5.13', 'fixed_display':'8.5.5.14 or ' + fix},\n {'min_version':'9.0.0.0', 'max_version':'9.0.0.7', 'fixed_display':'9.0.0.8 or ' + fix},\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:42", "description": "It was discovered that libstruts1.2-java, a Java framework for MVC applications, contains a bug in its multi-page validation code. This allows input validation to be bypassed, even if MPV is not used directly.", "cvss3": {}, "published": "2016-04-01T00:00:00", "type": "nessus", "title": "Debian DSA-3536-1 : libstruts1.2-java - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-0899"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libstruts1.2-java", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3536.NASL", "href": "https://www.tenable.com/plugins/nessus/90279", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3536. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90279);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-0899\");\n script_xref(name:\"DSA\", value:\"3536\");\n\n script_name(english:\"Debian DSA-3536-1 : libstruts1.2-java - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that libstruts1.2-java, a Java framework for MVC\napplications, contains a bug in its multi-page validation code. This\nallows input validation to be bypassed, even if MPV is not used\ndirectly.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libstruts1.2-java\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3536\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libstruts1.2-java packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.2.9-5+deb7u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libstruts1.2-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libstruts1.2-java\", reference:\"1.2.9-5+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:23:49", "description": "The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through 8.0.0.15, 8.5.0.x prior to 8.5.5.14 or 9.0.x prior to 9.0.0.9. It is, therefore, affected by multiple vulnerabilities related to Apache Struts, including the following:\n\n - Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to manipulate the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1. (CVE-2014-0114)\n\n - ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899. (CVE-2016-1181)\n\n - ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899. (CVE-2016-1182)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-10-20T00:00:00", "type": "nessus", "title": "IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x <= 9.0.0.9 Multiple Vulnerabilities (711865)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1007", "CVE-2014-0114", "CVE-2015-0899", "CVE-2016-1181", "CVE-2016-1182"], "modified": "2022-05-11T00:00:00", "cpe": ["cpe:/a:ibm:websphere_application_server"], "id": "WEBSPHERE_711865.NASL", "href": "https://www.tenable.com/plugins/nessus/141566", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141566);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\n \"CVE-2012-1007\",\n \"CVE-2014-0114\",\n \"CVE-2016-1181\",\n \"CVE-2016-1182\"\n );\n\n script_name(english:\"IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x <= 9.0.0.9 Multiple Vulnerabilities (711865)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application server is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through\n8.0.0.15, 8.5.0.x prior to 8.5.5.14 or 9.0.x prior to 9.0.0.9. It is, therefore, affected by multiple vulnerabilities\nrelated to Apache Struts, including the following:\n\n - Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through\n 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class\n property, which allows remote attackers to manipulate the ClassLoader and execute arbitrary code via the\n class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm\n object in Struts 1. (CVE-2014-0114)\n\n - ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm\n instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected\n memory access) via a multipart request, a related issue to CVE-2015-0899. (CVE-2016-1181)\n\n - ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator\n configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a\n denial of service via crafted input, a related issue to CVE-2015-0899. (CVE-2016-1182)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/711865\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM WebSphere Application Server 8.5.5.14, 9.0.0.9, or later. Alternatively, upgrade to the minimal fix pack\nlevels required by the interim fix and then apply Interim Fix PI97162.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-0114\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2016-1182\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Apache Struts ClassLoader Manipulation Remote Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/20\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:websphere_application_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"websphere_detect.nasl\", \"ibm_enum_products.nbin\", \"ibm_websphere_application_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM WebSphere Application Server\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\n# Only vulnerable when using the optiona UDDI.ear\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\napp = 'IBM WebSphere Application Server';\nfix = 'Interim Fix PI97162';\n\napp_info = vcf::combined_get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\n# If the detection is only remote, Source will be set, and we should require paranoia\nif (!empty_or_null(app_info['Source']) && app_info['Source'] != 'unknown' && report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nif ('PI97162' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nconstraints = [\n {'min_version':'7.0.0.0', 'max_version':'7.0.0.45', 'fixed_version':fix},\n {'min_version':'8.0.0.0', 'max_version':'8.0.0.15', 'fixed_version':fix},\n {'min_version':'8.5.0.0', 'max_version':'8.5.5.13', 'fixed_version':'8.5.5.14 or ' + fix},\n {'min_version':'9.0.0.0', 'max_version':'9.0.0.8', 'fixed_version':'9.0.0.9 or ' + fix}\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2023-03-28T05:29:27", "description": "The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-14T03:15:11", "type": "osv", "title": "Improper Input Validation in Apache Struts", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2023-03-28T05:29:26", "id": "OSV:GHSA-CVVX-R33M-V7PQ", "href": "https://osv.dev/vulnerability/GHSA-cvvx-r33m-v7pq", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-05T05:19:20", "description": "\nThe Validator in Apache Struts 1.1 and later contains a function to\nefficiently define rules for input validation across multiple pages during\nscreen transitions. This function contains a vulnerability where input\nvalidation may be bypassed. When the Apache Struts 1 Validator is used,\nthe web application may be vulnerable even when this function is not used\nexplicitly.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2015-08-17T00:00:00", "type": "osv", "title": "libstruts1.2-java - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2022-08-05T05:19:18", "id": "OSV:DLA-292-1", "href": "https://osv.dev/vulnerability/DLA-292-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-04-11T01:48:16", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-05-13T01:25:19", "type": "osv", "title": "Improper Input Validation in Apache Struts", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182"], "modified": "2023-04-11T01:48:12", "id": "OSV:GHSA-5GGR-MPGW-3MGX", "href": "https://osv.dev/vulnerability/GHSA-5ggr-mpgw-3mgx", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-04-11T01:39:55", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-13T01:25:20", "type": "osv", "title": "Improper Input Validation in Apache Struts", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1181"], "modified": "2023-04-11T01:39:53", "id": "OSV:GHSA-7JW3-5Q4W-89QG", "href": "https://osv.dev/vulnerability/GHSA-7jw3-5q4w-89qg", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "github": [{"lastseen": "2023-09-27T22:03:11", "description": "The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-14T03:15:11", "type": "github", "title": "Improper Input Validation in Apache Struts", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2023-01-27T05:02:25", "id": "GHSA-CVVX-R33M-V7PQ", "href": "https://github.com/advisories/GHSA-cvvx-r33m-v7pq", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-09-27T22:13:43", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-05-13T01:25:19", "type": "github", "title": "Improper Input Validation in Apache Struts", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182"], "modified": "2023-01-27T05:02:32", "id": "GHSA-5GGR-MPGW-3MGX", "href": "https://github.com/advisories/GHSA-5ggr-mpgw-3mgx", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-09-27T22:13:43", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-13T01:25:20", "type": "github", "title": "Improper Input Validation in Apache Struts", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1181"], "modified": "2023-01-27T05:02:15", "id": "GHSA-7JW3-5Q4W-89QG", "href": "https://github.com/advisories/GHSA-7jw3-5q4w-89qg", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2023-09-30T09:20:56", "description": "Updated struts packages fix security vulnerability: The Validator in Apache Struts 1.1 and later contains a function to efficiently define rules for input validation across multiple pages during screen transitions. This function contains a vulnerability where input validation may be bypassed. When the Apache Struts 1 Validator is used, the web application may be vulnerable even when this function is not used explicitly (CVE-2015-0899). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2015-09-08T17:55:59", "type": "mageia", "title": "Updated struts packages fix CVE-2015-0899\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2015-09-08T17:55:59", "id": "MGASA-2015-0351", "href": "https://advisories.mageia.org/MGASA-2015-0351.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "description": "Welcome to the Struts Framework! The goal of this project is to provide an open source framework useful in building web applications with Java Servlet and JavaServer Pages (JSP) technology. Struts encourages application architectures based on the Model-View-Controller (MVC) design paradigm, colloquially known as Model 2 in discussions on various servlet and JSP related mailing lists. Struts includes the following primary areas of functionality: A controller servlet that dispatches requests to appropriate Action classes provided by the application developer. JSP custom tag libraries, and associated support in the controller servlet, that assists developers in creating interactive form-based applications. Utility classes to support XML parsing, automatic population of JavaBeans properties based on the Java reflection APIs, and internationalization of prompts and messages. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2015-09-04T05:20:56", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: struts-1.3.10-14.fc22", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2015-09-04T05:20:56", "id": "FEDORA:845CB6087671", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BKGCIZQ3LVDYYD4YOPHWQ7VDLYG4DVWG/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "ubuntucve": [{"lastseen": "2023-10-01T01:23:33", "description": "The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10\nallows remote attackers to bypass intended access restrictions via a\nmodified page parameter.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1207099>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-07-04T00:00:00", "type": "ubuntucve", "title": "CVE-2015-0899", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899"], "modified": "2016-07-04T00:00:00", "id": "UB:CVE-2015-0899", "href": "https://ubuntu.com/security/CVE-2015-0899", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-10-01T01:23:55", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly\nrestrict the Validator configuration, which allows remote attackers to\nconduct cross-site scripting (XSS) attacks or cause a denial of service via\ncrafted input, a related issue to CVE-2015-0899.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2016-07-04T00:00:00", "type": "ubuntucve", "title": "CVE-2016-1182", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182"], "modified": "2016-07-04T00:00:00", "id": "UB:CVE-2016-1182", "href": "https://ubuntu.com/security/CVE-2016-1182", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-10-01T01:23:55", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles\nmultithreaded access to an ActionForm instance, which allows remote\nattackers to execute arbitrary code or cause a denial of service\n(unexpected memory access) via a multipart request, a related issue to\nCVE-2015-0899.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-04T00:00:00", "type": "ubuntucve", "title": "CVE-2016-1181", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1181"], "modified": "2016-07-04T00:00:00", "id": "UB:CVE-2016-1181", "href": "https://ubuntu.com/security/CVE-2016-1181", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:32:27", "description": "Cross-site scripting vulnerabilities exist in multiple webservers. The vulnerabilities are caused due to lack of validation of form fields. Successful exploitation of these vulnerabilities would allow remote attackers to inject an arbitrary script into the affected webserver.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 8.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2017-12-20T00:00:00", "type": "checkpoint_advisories", "title": "Multiple Webservers Cross-Site Scripting Attempt (CVE-2015-0899; CVE-2016-1182)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182"], "modified": "2017-12-20T00:00:00", "id": "CPAI-2017-1082", "href": "", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "redhatcve": [{"lastseen": "2021-09-09T13:50:12", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-06-07T12:48:28", "type": "redhatcve", "title": "CVE-2016-1181", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1181"], "modified": "2020-08-18T13:49:57", "id": "RH:CVE-2016-1181", "href": "https://access.redhat.com/security/cve/cve-2016-1181", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-09T13:50:12", "description": "ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 8.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.2}, "published": "2016-06-07T12:48:33", "type": "redhatcve", "title": "CVE-2016-1182", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-0899", "CVE-2016-1182"], "modified": "2020-08-18T13:49:52", "id": "RH:CVE-2016-1182", "href": "https://access.redhat.com/security/cve/cve-2016-1182", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "oracle": [{"lastseen": "2021-10-22T15:44:25", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\nCritical Patch Updates and Security Alerts for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 252 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2017 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=187793594395974id=2310031.1>).\n\nPlease note that on September 22, 2017, Oracle released Security Alert for CVE-2017-9805. Customers of affected Oracle product(s) are strongly advised to apply the fixes that were announced in this Security Alert as well as those contained in this Critical Patch update\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available here.\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2017-10-17T00:00:00", "title": "Oracle Critical Patch Update - October 2017", "type": "oracle", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10324", "CVE-2017-10167", "CVE-2017-10014", "CVE-2017-10417", "CVE-2017-10037", "CVE-2015-5351", "CVE-2015-5254", "CVE-2017-10270", "CVE-2017-10387", "CVE-2017-10360", "CVE-2015-1792", "CVE-2017-10321", "CVE-2017-10060", "CVE-2015-0235", "CVE-2015-1793", "CVE-2017-10404", "CVE-2017-10311", "CVE-2017-10421", "CVE-2017-10353", "CVE-2017-10260", "CVE-2017-10203", "CVE-2016-9840", "CVE-2017-10419", "CVE-2017-10424", "CVE-2017-10399", "CVE-2017-10293", "CVE-2015-3197", "CVE-2017-10299", "CVE-2017-10158", "CVE-2017-10379", "CVE-2017-10414", "CVE-2017-10054", "CVE-2017-10357", "CVE-2017-10197", "CVE-2017-10361", "CVE-2017-10356", "CVE-2016-5019", "CVE-2017-10322", "CVE-2017-10323", "CVE-2017-10066", "CVE-2014-3572", "CVE-2017-5709", "CVE-2016-6306", "CVE-2017-5462", "CVE-2014-3613", "CVE-2017-7502", "CVE-2015-7181", "CVE-2015-0206", "CVE-2017-10369", "CVE-2015-1789", "CVE-2016-2183", "CVE-2017-10349", "CVE-2017-10284", "CVE-2017-10294", "CVE-2017-10325", "CVE-2017-10416", "CVE-2015-0286", "CVE-2017-10341", "CVE-2017-10420", "CVE-2017-10418", "CVE-2017-10367", "CVE-2016-2178", "CVE-2017-10164", "CVE-2013-1903", "CVE-2017-10400", "CVE-2017-3167", "CVE-2017-10281", "CVE-2015-3195", "CVE-2017-10351", "CVE-2017-10359", "CVE-2017-10381", "CVE-2017-10406", "CVE-2017-10348", "CVE-2017-10372", "CVE-2014-8714", "CVE-2017-10034", "CVE-2017-10328", "CVE-2016-0714", "CVE-2016-3092", "CVE-2014-3571", "CVE-2017-10397", "CVE-2017-10388", "CVE-2017-10330", "CVE-2017-10407", "CVE-2014-0076", "CVE-2017-10033", "CVE-2017-10342", "CVE-2017-10415", "CVE-2017-10408", "CVE-2016-6302", "CVE-2017-10344", "CVE-2017-10354", "CVE-2017-10338", "CVE-2017-10296", "CVE-2017-10292", "CVE-2017-10402", "CVE-2014-3587", "CVE-2017-10306", "CVE-2017-10365", "CVE-2017-10337", "CVE-2017-10426", "CVE-2016-8745", "CVE-2016-2177", "CVE-2017-10380", "CVE-2015-0288", "CVE-2017-10332", "CVE-2017-10378", "CVE-2014-0224", "CVE-2017-10026", "CVE-2017-10276", "CVE-2016-0635", "CVE-2017-10409", "CVE-2017-10166", "CVE-2017-10427", "CVE-2017-10422", "CVE-2015-3194", "CVE-2017-10355", "CVE-2017-10163", "CVE-2016-6515", "CVE-2017-10326", "CVE-2015-0285", "CVE-2016-2107", "CVE-2017-10153", "CVE-2016-7055", "CVE-2017-10382", "CVE-2015-7501", "CVE-2017-10364", "CVE-2017-10319", "CVE-2015-3253", "CVE-2017-3731", "CVE-2016-6307", "CVE-2016-0701", "CVE-2017-10398", "CVE-2017-10051", "CVE-2017-10308", "CVE-2017-10320", "CVE-2017-10287", "CVE-2017-10412", "CVE-2017-10334", "CVE-2016-9842", "CVE-2016-2834", "CVE-2017-10283", "CVE-2015-0899", "CVE-2017-10152", "CVE-2017-10264", "CVE-2016-1182", "CVE-2014-0065", "CVE-2016-0763", "CVE-2015-0207", "CVE-2017-10155", "CVE-2017-10271", "CVE-2017-10286", "CVE-2017-10304", "CVE-2016-6308", "CVE-2016-6816", "CVE-2016-7433", "CVE-2014-4342", "CVE-2017-5662", "CVE-2014-8275", "CVE-2016-2180", "CVE-2017-10411", "CVE-2017-10313", "CVE-2017-10194", "CVE-2015-7182", "CVE-2015-0208", "CVE-2015-2808", "CVE-2017-10347", "CVE-2014-3570", "CVE-2017-10227", "CVE-2015-7575", "CVE-2017-10370", "CVE-2017-10261", "CVE-2017-10425", "CVE-2017-5706", "CVE-2015-3196", "CVE-2017-10428", "CVE-2014-3470", "CVE-2017-10362", "CVE-2017-10309", "CVE-2016-2181", "CVE-2017-10391", "CVE-2016-6304", "CVE-2015-3193", "CVE-2017-10263", "CVE-2014-3538", "CVE-2017-10403", "CVE-2014-0114", "CVE-2017-10159", "CVE-2017-10410", "CVE-2017-3732", "CVE-2017-10383", "CVE-2017-10339", "CVE-2017-10340", "CVE-2014-0050", "CVE-2017-10327", "CVE-2017-10396", "CVE-2017-10300", "CVE-2014-3707", "CVE-2014-0064", "CVE-2017-10343", "CVE-2015-0293", "CVE-2017-10165", "CVE-2017-10316", "CVE-2017-3445", "CVE-2017-10373", "CVE-2016-1979", "CVE-2017-10363", "CVE-2017-10352", "CVE-2016-2381", "CVE-2014-8713", "CVE-2017-10279", "CVE-2015-7183", "CVE-2013-0255", "CVE-2017-10314", "CVE-2017-9805", "CVE-2015-1788", "CVE-2017-10055", "CVE-2014-0195", "CVE-2014-0198", "CVE-2017-10161", "CVE-2016-7052", "CVE-2015-0209", "CVE-2014-0063", "CVE-2016-1950", "CVE-2017-10333", "CVE-2015-0204", "CVE-2016-0706", "CVE-2013-0248", "CVE-2017-3733", "CVE-2017-5664", "CVE-2017-10312", "CVE-2017-10366", "CVE-2014-0060", "CVE-2017-10318", "CVE-2016-7429", "CVE-2016-1181", "CVE-2017-10268", "CVE-2017-10285", "CVE-2017-3446", "CVE-2017-10392", "CVE-2017-10413", "CVE-2016-9843", "CVE-2013-2566", "CVE-2016-8735", "CVE-2015-1790", "CVE-2017-10394", "CVE-2017-9788", "CVE-2017-10350", "CVE-2016-6305", "CVE-2016-6303", "CVE-2017-10275", "CVE-2017-10274", "CVE-2017-10190", "CVE-2013-1902", "CVE-2017-10315", "CVE-2015-0291", "CVE-2017-10317", "CVE-2017-10389", "CVE-2017-10385", "CVE-2017-10154", "CVE-2017-10395", "CVE-2017-3588", "CVE-2014-4345", "CVE-2017-10162", "CVE-2003-1418", "CVE-2016-2182", "CVE-2017-10358", "CVE-2017-10310", "CVE-2017-10077", "CVE-2017-10346", "CVE-2014-0062", "CVE-2017-10401", "CVE-2015-0287", "CVE-2017-7668", "CVE-2017-3444", "CVE-2017-10295", "CVE-2017-10393", "CVE-2017-10423", "CVE-2017-10280", "CVE-2017-5461", "CVE-2016-10165", "CVE-2014-0066", "CVE-2015-0289", "CVE-2016-9841", "CVE-2015-7940", "CVE-2017-3169", "CVE-2017-10065", "CVE-2016-5285", "CVE-2017-10368", "CVE-2015-0292", "CVE-2017-10375", "CVE-2017-10384", "CVE-2014-0107", "CVE-2017-10050", "CVE-2016-3506", "CVE-2017-10345", "CVE-2017-10303", "CVE-2017-10302", "CVE-2017-10259", "CVE-2017-10265", "CVE-2015-0290", "CVE-2017-3730", "CVE-2015-0205", "CVE-2017-10329", "CVE-2016-2179", "CVE-2017-10405", "CVE-2017-10277", "CVE-2016-6814", "CVE-2013-1900", "CVE-2015-1787", "CVE-2015-4852", "CVE-2014-0061", "CVE-2014-3569", "CVE-2017-10386", "CVE-2015-1791", "CVE-2017-10336", "CVE-2017-10335", "CVE-2016-7431", "CVE-2017-7679", "CVE-2014-0221", "CVE-2017-10331", "CVE-2017-10099"], "modified": "2018-02-15T00:00:00", "id": "ORACLE:CPUOCT2017", "href": "https://www.oracle.com/security-alerts/cpuoct2017.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}