By using WebSphere Lomabrdi Edition (WLE) you can import and export process applications and toolkits. Although this functionality is available only to authorized users, the actual server side code accepts requests from lower privileged users.
CVE ID:CVE-2014-4844
CVSS Base Score: 6.0
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/95724> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P)
WebSphere Lombardi Edition allows importing and exporting process applications and toolkits. While this functionality is only available to authorized users in the user interface, the actual server side code accepts requests from lower privileged users.
If you are using an earlier unsupported release, IBM strongly recommends to upgrade.
Install the interim fix for APAR JR51286 as appropriate for your current WebSphere Lombardi Edition version.
* [WebSphere Lombardi Edition](<http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Lombardi+Edition&release=All&platform=All&function=aparId&apars=JR51286>)
None.