8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
IBM WebSphere Application Server is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting the WebSphere Application Server admin console has been published in a security bulletin.
Please consult the security bulletin Security Bulletin: Potential Privilege Escalation in WebSphere Application Server Admin Console (CVE-2017-1731) for vulnerability details and information about fixes.
IBM Operations Analytics - Predictive Insights 1.3.6 and earlier.
Product
| VRMF| Remediation/First Fix
—|—|—
IBM Operations Analytics Predictive Insights| 1.3.0,
1.3.1,
1.3.2| Upgrade to IBM Operations Analytics Predictive Insights 1.3.6. Then, upgrade IBM WebSphere Application Server to interim fix 8.5.5.7 or later and apply Interim Fix PI89498 to the <WebSphere_HOME> directory.
IBM Operations Analytics Predictive Insights| 1.3.3,
1.3.5| Upgrade IBM WebSphere Application Server to interim fix 8.5.5.7 or 8.5.5.8 and apply Interim Fix PI89498 to the <WebSphere_HOME> directory.
IBM Operations Analytics Predictive Insight_s_| 1.3.6| Upgrade IBM WebSphere Application Server to interim fix 8.5.5.7 or later and apply Interim Fix PI89498 to the <WebSphere_HOME> directory.
None.
CPE | Name | Operator | Version |
---|---|---|---|
ibm operations analytics - predictive insights | eq | any |
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P