Lucene search

K
ibmIBM3EA2C45E4F9382C2531F88095D1BC135577CA607AD54B9DD5A62C3E8C85EF769
HistoryJan 17, 2023 - 5:35 p.m.

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2015-0899)

2023-01-1717:35:00
www.ibm.com
20
websphere application server
ibm tivoli system automation application manager
cve-2015-0899
security bulletin
vulnerability
fixes

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

7.5

Confidence

High

EPSS

0.949

Percentile

99.3%

Summary

WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section.

Affected Products and Versions

IBM Tivoli System Automation Application Manager 4.1.0.0 – 4.1.0.1

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by WebSphere Application Server which is shipped with IBM Tivoli System Automation Application Manager.

Principal Product and Version(s) Affected Supporting Product and Version Affected Supporting Product Security Bulletin
IBM Tivoli System Automation Application Manager 4.1 WebSphere Application Server 8.5 Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)

Workarounds and Mitigations

None.

Affected configurations

Vulners
Node
ibmtivoli_system_automation_application_managerMatch4.1
VendorProductVersionCPE
ibmtivoli_system_automation_application_manager4.1cpe:2.3:a:ibm:tivoli_system_automation_application_manager:4.1:*:*:*:*:*:*:*

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

7.5

Confidence

High

EPSS

0.949

Percentile

99.3%