7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
There is a classloader manipulation vulnerability in the Apache Struts 1 that is used by IBM WebSphere Application Server shipped with IBM WebSphere Service Registry and Repository v6.2, v6.3, v7.0 and v7.5.
This vulnerability is fixed within WebSphere Application Server Interim Fix PI17190. To download the fix and for more information see: Security Bulletin: Classloader Manipulation Vulnerability in IBM WebSphere Application Server CVE-2014-0114