Design/Logic Flaw

2015-12-3105:59:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.3%

JSON

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF09 allows remote attackers to bypass intended Portal AccessControl REST API access restrictions and obtain sensitive information via unspecified vectors.

CPENameOperatorVersion
websphere_portaleq7.0.0.1
websphere_portaleq8.5.0.0
websphere_portaleq8.0.0.1
websphere_portaleq7.0.0.0
websphere_portaleq8.0.0.0
websphere_portaleq6.1.5.1
websphere_portaleq6.1.5.0
websphere_portaleq6.1.0.5
websphere_portaleq6.1.5.3
websphere_portaleq6.1.0.2

Name	Operator	Version
websphere_portal	eq	7.0.0.1
websphere_portal	eq	8.5.0.0
websphere_portal	eq	8.0.0.1
websphere_portal	eq	7.0.0.0
websphere_portal	eq	8.0.0.0
websphere_portal	eq	6.1.5.1
websphere_portal	eq	6.1.5.0
websphere_portal	eq	6.1.0.5
websphere_portal	eq	6.1.5.3
websphere_portal	eq	6.1.0.2