4.3

CVE-2015-7454

EPSS 0.16%
Published 21.03.2016 14:59:00
Last modified 12.04.2025 10:46:40
Source psirt@us.ibm.com
Teams watchlist Login
Open Login

Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote authenticated users to bypass intended access restrictions and create an arbitrary page or space via unspecified vectors.

Affected products Warnungen 0 Metrics 3 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Websphere Process Server Version6.1.2

Ibm ≫ Websphere Process Server Version6.1.2.1

Ibm ≫ Websphere Process Server Version6.1.2.2

Ibm ≫ Websphere Process Server Version6.1.2.3

Ibm ≫ Websphere Process Server Version6.2

Ibm ≫ Websphere Process Server Version6.2.0.1

Ibm ≫ Websphere Process Server Version6.2.0.2

Ibm ≫ Websphere Process Server Version6.2.0.3

Ibm ≫ Websphere Process Server Version7.0

Ibm ≫ Websphere Process Server Version7.0.0.1

Ibm ≫ Websphere Process Server Version7.0.0.2

Ibm ≫ Websphere Process Server Version7.0.0.3

Ibm ≫ Websphere Process Server Version7.0.0.4

Ibm ≫ Websphere Process Server Version7.0.0.5

Ibm ≫ Business Process Manager Version7.5.0.0 SwEditionadvanced

Ibm ≫ Business Process Manager Version7.5.0.1 SwEditionadvanced

Ibm ≫ Business Process Manager Version7.5.1.0 SwEditionadvanced

Ibm ≫ Business Process Manager Version7.5.1.1 SwEditionadvanced

Ibm ≫ Business Process Manager Version7.5.1.2 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.0.0.0 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.0.1.0 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.0.1.1 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.0.1.2 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.0.1.3 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.5.0.0 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.5.0.1 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.5.0.2 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.5.5.0 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.5.6.0 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.5.6.1 SwEditionadvanced

Ibm ≫ Business Process Manager Version8.5.6.2 SwEditionadvanced

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.16%	0.374

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	2.8	1.4	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:N/I:P/A:N

http://www.securitytracker.com/id/1035319

http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678

http://www-01.ibm.com/support/docview.wss?uid=swg21972005

Patch

Vendor Advisory

http://www.securityfocus.com/bid/85089

https://nvd.nist.gov/vuln/detail/CVE-2015-7454

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-7454

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-7454

EUVD