CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
47.6%
IBM WebSphere Application Server (WAS) is shipped as a component of IBM Workload Scheduler, which results in IBM Workload Scheduled being impacted by this vulnerability. IBM WebSphere Application Server traditional is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Workload Scheduler | 9.4 |
Refer to the following security bulletin for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS) which is shipped with IBM Workload Scheduler. IBM recommends that these remediations are applied to all instances of IBM Workload Scheduler.
<https://www.ibm.com/support/pages/node/6989451>
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | workload_scheduler | 9.4 | cpe:2.3:a:ibm:workload_scheduler:9.4:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
47.6%