6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
22.8%
Vulnerabilities have been identified in WebSsphere Application Server Liberty shipped wioth Cloud Pak System. IBM Cloud Pak System ship with optional Single- Sign-On (SSO) feature. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty have been published in a security bulletin.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) Version(s) | Affected Supporting Product(s) Version(s) |
---|---|
IBM Cloud Pak System 2.3 | WebSphere Application Server - Liberty 9.0 |
IBM Cloud Pak System Software Suite 2.3.3.0 | WebSphere Application Server - Liberty 9.0 |
Consult the following Security Bulletins for information and details about fixes. IBM strongly recommends to apply fix as soon as practical.
In order to apply the fix
1. Download the fix from IBM FixCentral
2. Upload the fix to Cloud Pak System
3. Apply the fix from CPS UI select WAS virtual system instance, manage, operations and fixpack, or through the command line.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm cloud pak system software | eq | 2.3 |
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
22.8%