5.1

CVE-2014-8890

IBM WebSphere Application Server Liberty Profile 8.5.x before 8.5.5.4 allows remote attackers to gain privileges by leveraging the combination of a servlet's deployment descriptor security constraints and ServletSecurity annotations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmWebsphere Application Server Version8.5.0.0
IbmWebsphere Application Server Version8.5.0.1
IbmWebsphere Application Server Version8.5.0.2
IbmWebsphere Application Server Version8.5.5.0
IbmWebsphere Application Server Version8.5.5.1
IbmWebsphere Application Server Version8.5.5.2
IbmWebsphere Application Server Version8.5.5.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.32% 0.812
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www-01.ibm.com/support/docview.wss?uid=swg21690185
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1PI29911
http://www-01.ibm.com/support/docview.wss?uid=swg21963275
http://www.securityfocus.com/bid/71834
http://www.securitytracker.com/id/1033384
https://exchange.xforce.ibmcloud.com/vulnerabilities/99009