Lucene search

K
ibmIBMFCF66C1A96FDC8625BB9D927E042CEAA982B68F998C9AFCE8CBB28E803F9F816
HistoryJun 15, 2018 - 7:04 a.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM PureApplication System (CVE-2015-7450)

2018-06-1507:04:12
www.ibm.com
23

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

Summary

IBM WebSphere Application Server is shipped as a deployable component of IBM PureApplication System. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Consult the security bulletin Vulnerability in Apache Commons affects IBM WebSphere Application Server (CVE-2015-7450) for vulnerability details and information about fixes.

Affected Products and Versions

Principal Product and Version(s)

| Affected Supporting Product and Version
—|—
PureApplication System versions 1.1, 2.0, and 2.1| IBM WebSphere Application Server 7.0
IBM WebSphere Application Server 8.0

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

Related for FCF66C1A96FDC8625BB9D927E042CEAA982B68F998C9AFCE8CBB28E803F9F816