Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMF6D785B4BFC216976C1306E8256AC1B3157B765EB64F4C0EC59FBBFF4DA60AA1
HistoryJun 15, 2018 - 7:04 a.m.

Security Bulletin: IBM MQ Appliance potentially vulnerable to remote servlet spoof attack (CVE-2015-4938)

2018-06-1507:04:16
www.ibm.com
7

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON

Summary

A potential remote servlet spoof attack vulnerability was addressed by IBM MQ Appliance.

Vulnerability Details

CVEID: CVE-2015-4938**
DESCRIPTION:** IBM WebSphere Application Server could allow a remote attacker to spoof a servlet. An attacker could exploit this vulnerability to persuade the user into entering sensitive information.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/104415&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:P/A:N)

Affected Products and Versions

IBM MQ Appliance M2000

Remediation/Fixes

Apply fix pack 8.0.0.4 or later maintenance

Related

ibm 17
cve 1
prion 1
nessus 6
openvas 1
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Workload Deployer (CVE-2015-4938)
2018-06-15 07:04:53
Security Bulletin: Vulnerability in IBM WebSphere Application Server affects Tivoli Business Service Manager (CVE-2015-4938)
2018-06-17 15:08:28
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-4938)
2022-09-22 03:02:31
cve
cve
CVE-2015-4938
2015-08-22 23:59:00
prion
prion
Information disclosure
2015-08-22 23:59:00
nessus
nessus
IBM WebSphere Application Server 8.5 < 8.5.5.7 Multiple Vulnerabilities
2016-10-26 00:00:00
IBM HTTP Server 6.1 <= 6.1.0.47 (FP47) / 7.0 < 7.0.0.39 (FP39) / 8.0 < 8.0.0.12 (FP12) / 8.5 < 8.5.5.7 (FP7) Multiple Vulnerabilities
2015-09-18 00:00:00
IBM WebSphere Application Server 7.0 < 7.0.0.39 (FP39) / 8.0 < 8.0.0.11 (FP11) / 8.5 < 8.5.5.6 (FP6) Multiple Vulnerabilities (Bar Mitzvah) (FREAK)
2015-07-09 00:00:00
openvas
openvas
IBM Websphere Application Server Multiple Vulnerabilities-01 (Feb 2016)
2016-02-16 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

JSON
Related for F6D785B4BFC216976C1306E8256AC1B3157B765EB64F4C0EC59FBBFF4DA60AA1
ibm17cve1prion1nessus6openvas1