Lucene search

K
ibmIBMAD72AF84E538C046FBD669C1AD3266C59B15E56D54595F1D8E8FE843F61DF503
HistorySep 10, 2018 - 11:03 p.m.

Security Bulletin: IBM Support Assistant is affected by a WebSphere Application Server vulnerability

2018-09-1023:03:02
www.ibm.com
4

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

Summary

IBM Support Assistant has addressed the vulnerability in WebSphere Application Server affecting installations using Form Login.

Vulnerability Details

CVEID:CVE-2017-1788
**DESCRIPTION:*IBM WebSphere Application Server installations using Form Login could allow a remote attacker to conducts spoofing attacks.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/137031 for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Affected IBM Support Assistant

|

Affected Versions

—|—
IBM Support Assistant Team Server | 5.0.2 - 5.0.2.6

Remediation/Fixes

Product

|

VRMF

|

APAR

|

Remediation / First Fix

—|—|—|—
IBM Support Assistant Team Server | 5.0.2 - 5.0.2.6 | None | IBM Support Assistant Team Server 5.0.2.7

Workarounds and Mitigations

None

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

Related for AD72AF84E538C046FBD669C1AD3266C59B15E56D54595F1D8E8FE843F61DF503