Lucene search

K
ibmIBM63C0B2B3226E3E98449887AA89E81C9B35F422CFE5D67FF9577B4EC869D9F5EB
HistoryAug 19, 2022 - 11:26 p.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with multiple IBM Security products

2022-08-1923:26:06
www.ibm.com
47

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.973 High

EPSS

Percentile

99.9%

Summary

IBM WebSphere Application Server is shipped as a component of multiple IBM Security products. Information about a security vulnerability affecting these products has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin Classloader Manipulation Vulnerability in IBM WebSphere Application Server (CVE-2014-0114) for vulnerability details.

Affected Products and Versions

Principal Product and Versions

| Affected Supporting Product and Version
—|—
IBM Security Access Manager for Enterprise Single Sign-On 8.1| WebSphere Application Server Network Deployment 7.0
IBM Security Access Manager for Enterprise Single Sign-On 8.2| WebSphere Application Server Network Deployment 7.0
IBM Security Access Manager for Enterprise Single Sign-On 8.2.1| WebSphere Application Server Network Deployment 8.5
IBM Tivoli Identity Manager 5.0| WebSphere Application Server - Base 6.1
WebSphere Application Server Network Deployment 7.0
IBM Tivoli Identity Manager 5.1| WebSphere Application Server Network Deployment 6.1
WebSphere Application Server Network Deployment 7.0
IBM Security Identity Manager 6.0| WebSphere Application Server Network Deployment 7.0
IBM Tivoli Access Manager for e-business 6.0, 6.1, 6.1.1
(Note: Version 5.1 is no longer supported. IBM recommends upgrading to a supported version of the product.)| WebSphere Application Server 6.1 and 7.0
IBM Tivoli Federated Identity Manager 6.1.1, 6.2.0, 6.2.1, 6.2.2| WebSphere Application Server 6.1 and 7.0
IBM Tivoli Federated Identity Manager Business Gateway 6.1.1, 6.2.0, 6.2.1, 6.2.2| WebSphere Application Server 6.1 and 7.0
IBM Tivoli Key Lifecycle Manager 1.0, 2.0, 2.0.1| Websphere Application Server 6.1.0.0 through 6.1.0.47
IBM Tivoli Security Policy Manager 7.0, 7.1| WebSphere Application Server 6.1 and 7.0
IBM Tivoli Directory Server 6.1| embedded version of IBM WebSphere Application Server 6.1
IBM Tivoli Directory Server 6.2| embedded version of IBM WebSphere Application Server 6.1
IBM Tivoli Directory Server 6.3| embedded version of IBM WebSphere Application Server 7.0
IBM Security Directory Server 6.3.1| embedded version of IBM WebSphere Application Server 7.0
IBM Tivoli Security Information and Event Manager 2.0.0.4, 2.0.0.5, 2.0.0.6, 2.0.0.7, 2.0.0.8, 2.0.0.9| WebSphere Application Server 6.1.0.27

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.973 High

EPSS

Percentile

99.9%

Related for 63C0B2B3226E3E98449887AA89E81C9B35F422CFE5D67FF9577B4EC869D9F5EB