3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
There is a potential denial of service with IBM WebSphere Application Server when using SIP services.
CVEID: CVE-2016-2960**
DESCRIPTION:** IBM WebSphere Application Server could be vulnerable to a denial of service when using SIP services. A remote attacker could cause a denial of service with specially-crafted SIP messages.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113805 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
This vulnerability affects the following versions and releases of IBM WebSphere Application Server using SIP services
The recommended solution is to apply the interim fix, Fix Pack or PTF containing APAR PI61548 for each named product as soon as practical. **
For WebSphere Application Server:** **
For V9.0.0.0:**
· Apply Interim Fix PI61548
--OR–
· Apply Fix Pack 9.0.0.1 or later.
For V8.5.0.0 through 16.0.0.2 Liberty:
· Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PI61548
--OR–
· Apply Liberty Fix Pack 16.0.0.3 or later.
**
For V8.5.0.0 through 8.5.5.9 Full Profile:**
· Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PI61548
--OR–
· Apply Fix Pack 8.5.5.10 or later.
For V8.0.0.0 through 8.0.0.12:
· Upgrade to a minimal fix pack levels as required by interim fix and then apply Interim Fix PI61548
--OR–
· Apply Fix Pack 8.0.0.13 or later. ** **
For V7.0.0.0 through 7.0.0.41:
· Upgrade to minimal fix pack levels as required by interim fix and then apply Interim Fix PI61548
--OR–
· Apply Fix Pack 7.0.0.43 or later.
3.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P