Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM75F0D664D16F59B8CAAD64C30B5EABA922A613141567FC6104F19B70FC6A249C
HistoryFeb 11, 2020 - 9:31 p.m.

Security Bulletin: Security vulnerabilities have been identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2017-1583, CVE-2011-4343)

2020-02-1121:31:00
www.ibm.com
8

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Summary

Websphere Application Server is shipped with Predictive Customer Intelligence. Information about a security vulnerability affecting Websphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin Security Bulletin: Multiple vulnerabilities affect Java Server Faces (JSF) used by WebSphere Application Server (CVE-2017-1583, CVE-2011-4343) for vulnerability details and information about fixes.

Affected Products and Versions

Predictive Customer Intelligence versions 1.0, 1.0.1, 1.1, 1.1.1

Remediation/Fixes

Refer to the following security bulletins for vulnerability details and information about fixes addressed by Websphere Application Server which is shipped with Predictive Customer Intelligence.

Principal Product and Version(s) Affected Supporting Product and Version Affected Supporting Product Security Bulletin
Predictive Customer Intelligence 1.0 and 1.0.1 Websphere Application Server 8.5.5 Security Bulletin: Multiple vulnerabilities affect Java Server Faces (JSF) used by WebSphere Application Server (CVE-2017-1583, CVE-2011-4343)
Predictive Customer Intelligence 1.1 and 1.1.1 Websphere Application Server 8.5.5.6 Security Bulletin: Multiple vulnerabilities affect Java Server Faces (JSF) used by WebSphere Application Server (CVE-2017-1583, CVE-2011-4343)

Workarounds and Mitigations

None

Related

ibm 29
nessus 1
prion 2
github 1
packetstorm 1
cve 2
osv 1
cvelist 2
ibm
ibm
Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2017-1583, CVE-2011-4343)
2018-09-29 20:24:25
Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server affects IBM Emptoris Strategic Supply Management suite of products and IBM Emptoris Services Procurement (CVE-2017-1583, CVE-2011-4343)
2018-06-16 20:12:08
Security Bulletin: A security vulnerability has been identified in IBM Websphere Application Server shipped with IBM Tivoli Security Policy Manager (CVE-2017-1583)
2018-06-16 22:03:35
nessus
nessus
IBM WebSphere Application Server 8.0.0.x < 8.0.0.15 / 8.5.x < 8.5.5.13 Multiple Vulnerabilities (296865)
2020-10-20 00:00:00
prion
prion
Information disclosure
2017-08-08 21:29:00
Information disclosure
2017-10-24 21:29:00
github
github
Apache MyFaces Vulnerable to EL Injection
2022-05-17 00:29:01
packetstorm
packetstorm
Apache MyFaces 2.0 / 2.1 Information Disclosure
2011-12-05 00:00:00
cve
cve
CVE-2011-4343
2017-08-08 21:29:00
CVE-2017-1583
2017-10-24 21:29:00
osv
osv
Apache MyFaces Vulnerable to EL Injection
2022-05-17 00:29:01
cvelist
cvelist
CVE-2011-4343
2017-08-08 21:00:00
CVE-2017-1583
2017-10-24 21:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON
Related for 75F0D664D16F59B8CAAD64C30B5EABA922A613141567FC6104F19B70FC6A249C
ibm29nessus1prion2github1packetstorm1cve2osv1cvelist2