Lucene search

K
ibmIBM09F9A4A7E2C86FBCBD84600DBE2802FEF7651907D28D08AEA2C91F65692FAEFD
HistoryMay 14, 2019 - 5:10 p.m.

Security Bulletin: Multiple Vulnerabilities in IBM HTTP Server bundled with IBM WebSphere Application Server Patterns (CVE-2019-0211 CVE-2019-0220)

2019-05-1417:10:02
www.ibm.com
14

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

Summary

IBM HTTP Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting IBM HTTP Server have been published in a security bulletin.

Vulnerability Details

Please consult the following security bulletin for vulnerability details and information about fixes

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
WebSphere Application Server Patterns, all versions | IBM HTTP Server:

  • Version 9.0
  • Version 8.5
  • Version 8.0

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

Related for 09F9A4A7E2C86FBCBD84600DBE2802FEF7651907D28D08AEA2C91F65692FAEFD