Lucene search

K
ibmIBM3C13E1626546AB19B54BC13C855DB4A4A72EDBD9013028CD74215F23DDA82984
HistoryJun 17, 2018 - 12:16 p.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Records Manager (CVE-2016-3427)

2018-06-1712:16:04
www.ibm.com
9

9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

Summary

IBM WebSphere Application Server is shipped as a component of IBM Records Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult the Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2016 CPU (CVE-2016-3426, CVE-2016-3427) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
IBM Records Manager 8.5, 8.5.0.1, 8.5.0.2, 8.5.0.3, 8.5.0.4, 8.5.0.5| IBM WebSphere Application Server V7.0.0.0 through 7.0.0.41
IBM Records Manager 8.5.0.6| IBM WebSphere Application Server V7.0.0.0 through 7.0.0.41, V8.0.0.0 through 8.0.0.12, V8.5.0.0
IBM Records Manager 8.5.0.7| IBM WebSphere Application Server V7.0.0.0 through 7.0.0.41, V8.0.0.0 through 8.0.0.12, V8.5.0.0 through 8.5.5.9

9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C