IBM0E64CE6EF3F02ED41C2F2693852DF81EAC908FCC9285ECE6B3F45EEFC9AFFCF9Security Bulletin: IBM OpenPages Platform with Application Server vulnerabilities.
0.035 Low
EPSS
Percentile
91.6%
Summary
The following security vulnerability exists in all versions of IBM OpenPages with Application Server: See Vulnerability Details for CVE ID.
Vulnerability Details
DESCRIPTION:
Customers who have IBM OpenPages with Application Server are potentially impacted by the following vulnerability.
| CVE ID | DESCRIPTION |
|---|---|
| CVE-2014-2470 | |
| CVSS Base Score: 7.5 | |
| CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/92417 for more information | |
| CVSS Environmental Score*: Undefined | |
| CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) | An unspecified vulnerability in Oracle WebLogic Server related to the WLS Security component. |
The attack requires network access, no authentication and a low degree of specialized knowledge and techniques. An attack may compromise the confidentiality of information, the availability of the system and the integrity of data.
Affected Products and Versions
IBM OpenPages with Application Server 6.0 through 7.0.
Remediation/Fixes
A fix has been created that can remediate all affected versions of the named product. Download and install the fix as soon as practical. The fix and installation instructions are available at the URL listed below:
| Patch | Download URL |
|---|---|
| IBM OpenPages with Application Server IF 1 | <http://www.ibm.com/support/docview.wss?uid=swg24038065> |
Workarounds and Mitigations
No known workaround, please apply fix.
Related
0.035 Low
EPSS
Percentile
91.6%