7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
IBM WebSphere Application Server (WAS) Liberty profile is shipped as a component of IBM InfoSphere BigInsights Console. Information about a security vulnerabilities affecting WAS Liberty profile has been published in security bulletins.
Please consult security bulletins for vulnerability details and information about fixes.
Potential Information Disclosure vulnerability in WebSphere Application Server (CVE-2016-5986)
Open Redirect vulnerability in WebSphere Application Server Liberty (CVE-2016-3040)
Information Disclosure in IBM WebSphere Application Server Liberty (CVE-2016-0378)
Principal Product and Version(s)
| Affected Supporting Product and Version
—|—
IBM InfoSphere BigInsights 2.x
IBM InfoSphere BigInsights 3.x
| IBM WebSphere Application Server Version 8.5 Liberty profile
Fix:
CPE | Name | Operator | Version |
---|---|---|---|
ibm db2 big sql | eq | 2.1.2 | |
ibm db2 big sql | eq | 3.0 | |
ibm db2 big sql | eq | 3.0.0.2 | |
ibm db2 big sql | eq | 3.0.0.1 |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N