Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM7A1C51879B26AAB381E9792758DFFE88BBC89BB55B7B6EE8B430DADD37DC4F78
HistoryJun 28, 2023 - 10:11 p.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2018-1797)

2023-06-2822:11:16
www.ibm.com
21
ibm
websphere
tivoli network manager
ip edition
security bulletin
vulnerability
version 4.2
directory traversal
fix
interim fix
admin console

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C

EPSS

0.001

Percentile

36.2%

JSON

Summary

IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin Potential directory traversal vulnerability in WebSphere Application Server for vulnerability details and information about fixes.

Affected Products and Versions

IBM Tivoli Network Manager IP Edition 4.2

Remediation/Fixes

Refer to the following security bulletin for vulnerability details and information about fixes addressed by IBM WebSphere Application Server, which is a product required by IBM Tivoli Network Manager IP Edition version 4.2.

Principal Product and Version(s) Affected Supporting Product and Version Affected Supporting Product Security Bulletin
IBM Tivoli Network Manager IP Edition 4.2 IBM Tivoli Network Manager IP Edition 4.2 requires the installation of IBM WebSphere Application Server Version 8.5.5.5 or later version separately. Users are recommended to apply IBM WebSphere version 8.5.5.5 Security Interim Fixes. Potential directory traversal vulnerability in WebSphere Application Server =ibm10729521">Potential traversal vulnerability in IBM WebSphere Application Server Admin Console
See Section “For V8.5.0.0 through 8.5.5.14:

Workarounds and Mitigations

None.

Affected configurations

Vulners
Node
ibmtivoli_network_manager_ip_editionMatch4.2

Related

ibm 20
cve 1
nessus 1
prion 1
cvelist 1
nvd 1
ibm
ibm
Security Bulletin: A Security Vulnerability in Websphere Application Server Affects Predictive Customer Intelligence (CVE-2018-1797)
2020-02-11 21:31:00
Security Bulletin: Potential directory traversal vulnerability in WebSphere Application Server shipped with Tivoli Integrated Portal (CVE-2018-1797)
2018-12-03 10:50:02
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2018-1797)
2018-11-29 07:50:01
cve
cve
CVE-2018-1797
2018-11-16 15:29:00
nessus
nessus
IBM WebSphere Application Server 7.x / 8.0.0.0 <= 8.0.0.15 / 8.5.0.0 <= 8.5.5.14 / 9.0.0.0 <= 9.0.0.9 Directory Traversal Vulnerability
2020-04-30 00:00:00
prion
prion
Code injection
2018-11-16 15:29:00
cvelist
cvelist
CVE-2018-1797
2018-11-14 00:00:00
nvd
nvd
CVE-2018-1797
2018-11-16 15:29:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C

EPSS

0.001

Percentile

36.2%

JSON
Related for 7A1C51879B26AAB381E9792758DFFE88BBC89BB55B7B6EE8B430DADD37DC4F78
ibm20cve1nessus1prion1cvelist1nvd1