IBM488B36AFC8FA3CBD30BC17D46DC366B2BF8A68F8A40B1ADAE4427FD2B4DEF5E1Security Bulletin: Security Vulnerability in IBM WebSphere Application Server affects Tivoli Netcool Service Quality Manager (CVE-2015-1920)
EPSS
Percentile
82.2%
Summary
WebSphere Application Server and WebSphere Application Server Hypervisor Edition could allow a remote attacker to execute arbitrary code by connecting to a management port and executing a specific sequence of instructions .
Vulnerability Details
CVEID: CVE-2015-1920**
DESCRIPTION:** WebSphere Application Server could allow a remote attacker to execute arbitrary code by connecting to a management port and executing a specific sequence of instructions.
CVSS Base Score: 9.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/102404> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Affected Products and Versions
This vulnerability affects Tivoli Netcool Service Quality Manager 4.1.4
Remediation/Fixes
IBM has provided patches for all affected versions.
The fix for the IBM WebSphere Application Server Version 6.1 can be downloaded from the IBM Fix Central site:
<http://www-01.ibm.com/support/docview.wss?uid=swg24039898>
The TNSQM system has to be stopped during upgrade.
Workarounds and Mitigations
None
Related
EPSS
Percentile
82.2%