Lucene search

K
ibmIBMF5D1BF73FF3841466F9B24DF507EF84C934C38D15F16FEA1A1A4AA761557EAC8
HistoryDec 05, 2022 - 7:00 p.m.

Security Bulletin: IBM Cloud Transformation Advisor is affected by a vulnerability in WebSphere Application Server Liberty (CVE-2014-7810)

2022-12-0519:00:57
www.ibm.com
6

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.5%

Summary

IBM Cloud Transformation Advisor has addressed the following vulnerability. CVE-2014-7810

Vulnerability Details

CVEID: CVE-2014-7810
**DESCRIPTION:*Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of expression language. An attacker could exploit this vulnerability to bypass the protections of a Security Manager.
CVSS Base Score: 5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103155&gt; for the current score
CVSS Environmental Score
: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

Affected Products and Versions

IBM Cloud Transformation Advisor Continuous Delivery

Remediation/Fixes

Upgrade to 1.9.2 or later

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm cloud transformation advisoreqany

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

68.5%

Related for F5D1BF73FF3841466F9B24DF507EF84C934C38D15F16FEA1A1A4AA761557EAC8