9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
IBM has published information about a security vulnerability in IBM WebSphere Application Server shipped with Tivoli Integrated Portal in Tivoli Network Manager IP Edition.
Please consult the security bulletin Vulnerability in Apache Commons affects IBM WebSphere Application Server (CVE-2015-7450) for a vulnerability details and information about fix.
Affected Product and Version(s)
| Product and Version shipped as a component
—|—
Tivoli Network Manager IP Edition 3.8| Bundled the TIP version 1.1.1.x which include IBM WebSphere version 6.1.0.x.
Tivoli Network Manager IP Edition 3.9| Bundled the TIP version 2.1.0.x which include IBM WebSphere version 7.0.0.x…
Tivoli Network Manager IP Edition 4.1| Bundled the TIP version 2.2.0.x which include IBM WebSphere version 7.0.0.x.
Tivoli Network Manager IP Edition 4.1.1| Bundled the TIP version 2.2.0.x. which include IBM WebSphere version 7.0.0.x.
Note: If TIP has been upgraded, please follow TIP security bulletin to upgrade an appropriate IBM WebSphere version.
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C