Lucene search

PRIOn knowledge basePRION:CVE-2015-1946

HistoryJul 14, 2015 - 5:59 p.m.

Code injection

2015-07-1417:59:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

JSON

IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0, does not properly implement user roles, which allows local users to gain privileges via unspecified vectors.

CPENameOperatorVersion
websphere_application_servereq8.5.0.2
websphere_application_servereq8.5.5.1
websphere_application_servereq8.5.5.0
websphere_application_servereq8.5.5.5
websphere_application_servereq7.0
websphere_application_servereq8.5.5.4
websphere_application_servereq8.5.0.1
websphere_application_servereq8.5.0.0
websphere_application_servereq8.0.0.0
websphere_application_servereq8.5.5.3

Name	Operator	Version
websphere_application_server	eq	8.5.0.2
websphere_application_server	eq	8.5.5.1
websphere_application_server	eq	8.5.5.0
websphere_application_server	eq	8.5.5.5
websphere_application_server	eq	7.0
websphere_application_server	eq	8.5.5.4
websphere_application_server	eq	8.5.0.1
websphere_application_server	eq	8.5.0.0
websphere_application_server	eq	8.0.0.0
websphere_application_server	eq	8.5.5.3

Rows per page:

1-10 of 171

References

www-01.ibm.com/support/docview.wss?uid=swg1PI35180

www-01.ibm.com/support/docview.wss?uid=swg21959083

www.securityfocus.com/bid/75496

6.7 Medium

AI Score

Confidence

Low

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2015-1946