IBM1360ED7E00C9B650B6FB3893EE967BD541AA6CCC441052EB1ED29FD7673413C4Security Bulletin: Multiple Vulnerabilities in IBM HTTP Server bundled with IBM Cloud Pak System (CVE-2019-0211 CVE-2019-0220)
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
Summary
IBM HTTP Server is used by WebSphere Application Server bundled with IBM Cloud Pak System formerly known as PureApplication System. Information about security vulnerabilities affecting IBM HTTP Server have been published in a security bulletin.
Vulnerability Details
Consult the following security bulletin for vulnerability details and information about fixes
Affected Products and Versions
Principal Product and Version(s)
| Affected Supporting Product and Version
β|β
IBM Cloud Pak System, all versions | IBM HTTP Server:
- Version 9.0
- Version 8.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| pureapplication system | eq | any |
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C