5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
IBM WebSphere Application Server is shipped as a component of IBM Tivoli Access Manager for e-business and IBM Security Access Manager for Web 7.0 software. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.
Please consult the security bulletin โPotential security vulnerability in IBM WebSphere Application Server if FIPS 140-2 is enabled (CVE-2016-0306)โ for vulnerability details and information about fixes.
IBM Tivoli Access Manager for e-business 6.0, 6.1, 6.1.1
IBM Security Access Manager for Web 7.0 (software)
Principal Product and Version(s) | Affected Supporting Product and Version |
---|
IBM Tivoli Access Manager for e-business 6.0, 6.1, 6.1.1|
IBM WebSphere Application Server 7.0
IBM Security Access Manager for Web 7.0 (software)| IBM WebSphere Application Server 7.0, 8.0, 8.5
None.
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N