Lucene search

K
ibmIBM64633572BAC2ED5A8A11767D13C6E9DEA8EE08902B3CA116BBD0B7EAECC5246B
HistoryAug 09, 2018 - 11:55 a.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights (CVE-2018-1614)

2018-08-0911:55:53
www.ibm.com
5

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

Summary

Websphere Application Server (WAS) is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting WAS has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s) Affected Supporting Product and Version
IBM Operations Analytics Predictive Insights version 1.3.6 Websphere Application Server 8.5.5.x
IBM Operations Analytics Predictive Insights versions 1.3.3, 1.3.5 Websphere Application Server 8.5.0.x This needs to be upgraded to minimum 8.5.5.12, noting this known issue, before applying the fix mentioned in the linked bulletin.

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

Related for 64633572BAC2ED5A8A11767D13C6E9DEA8EE08902B3CA116BBD0B7EAECC5246B