IBMF35FDA3FF3046C6563BADEA4BC09118605630A1545FA6231B3C59C74E1C66307Security Bulletin: A security vulnerability has been identified in WebSphere® Application Server shipped with IBM® Intelligent Operations Center (CVE-2015-7450)
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Summary
WebSphere® Application Server is shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting WebSphere® Application Server has been published in a security bulletin.
Vulnerability Details
Refer to the security bulletins(s) listed in the Remediation/Fixes section
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM® Intelligent Operations Center | V1.5.0, V1.6.0, V1.6.0.1, V1.6.0.2, V1.6.0.3, and V5.2.1 |
| IBM® Intelligent Operations Center for Emergency Management | V1.6.0, V5.1.0, V5.1.0.2, V5.1.0.3, V5.1.0.4, and V5.1.0.6 |
| IBM® Intelligent Operations for Waternamics | V5.1.0, V5.2.0, V5.2.0.1, V5.2.0.2, V5.2.0.3, V5.2.0.4, V5.2.0.5, V5.2.0.6, V5.2.1, and V5.2.1.1 |
| IBM® Intelligent Water | V1.6.0, V1.6.1, V1.6.1.1, and V1.6.1.2 |
Remediation/Fixes
| Refer to the following security bulletin for vulnerability details and information about fixes addressed by IBM® WebSphere Application Server which is shipped with IBM® Intelligent Operations Center: Principal Product and Version(s) | Affected Supporting Product and Versions | Affected Supporting Product Security Bulletin |
|---|---|---|
| IBM® Intelligent Operations Center V1.5.0, V1.6.0, V1.6.0.1, V1.6.0.2, V1.6.0.3, and V5.2.1 | WebSphere® Application Server V7.0, V8.0, and V8.5 and V8.5.5 Traditional and Liberty | |
| Security Bulletin: Vulnerability in Apache Commons affects IBM WebSphere Application Server (CVE-2015-7450) | ||
| IBM® Intelligent Operations Center for Emergency Management V1.6.0, V5.1.0, V5.1.0.2, V5.1.0.3, V5.1.0.4, and V5.1.0.6 | ||
| IBM® Intelligent Operations for Waternamics V5.1.0, V5.2.0, V5.2.0.1, V5.2.0.2, V5.2.0.3, V5.2.0.4, V5.2.0.5, V5.2.0.6, V5.2.1, and V5.2.1.1 | ||
| IBM® Intelligent Water V1.6.0, V1.6.1, V1.6.1.1, and V1.6.1.2 |
Workarounds and Mitigations
None
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C