8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
IBM WebSphere Application Server v7.0 is shipped as a component of IBM Integrated Information Core. Information about security vulnerabilities affecting IBM WebSphere Application Server have been published in a security bulletin.
Consult the security bulletin: Vulnerabilities in Apache Struts affects IBM WebSphere Application Server (CVE-2016-1181 and CVE-2016-1182) for vulnerability details and information about fixes.
Principal Product and Version(s)
| Affected Supporting Product and Version
β|β
IBM Integrated Information Core V1.5, V1.5.0.1 and V1.5.0.2| IBM WebSphere Application Server v7.0
Download the correct version of the fix from the following link: Vulnerabilities in Apache Struts affects IBM WebSphere Application Server (CVE-2016-1181 and CVE-2016-1182). Installation instructions for the fix are included in the readme document that is in the fix package.
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P