4.3

CVE-2016-2960

EPSS 0.68%
Published 08.08.2016 01:59:11
Last modified 12.04.2025 10:46:40
Source psirt@us.ibm.com
Teams watchlist Login
Open Login

IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x before 8.0.0.13, 8.5.0.x before 8.5.5.10, 8.5.0.x and 16.0.0.x Liberty before Liberty Fix Pack 16.0.0.3, and 9.0.0.x before 9.0.0.1 allows remote attackers to cause a denial of service via crafted SIP messages.

Affected products Warnungen 0 Metrics 3 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Websphere Application Server Version7.0

Ibm ≫ Websphere Application Server Version7.0.0.0

Ibm ≫ Websphere Application Server Version7.0.0.1

Ibm ≫ Websphere Application Server Version7.0.0.2

Ibm ≫ Websphere Application Server Version7.0.0.3

Ibm ≫ Websphere Application Server Version7.0.0.4

Ibm ≫ Websphere Application Server Version7.0.0.5

Ibm ≫ Websphere Application Server Version7.0.0.6

Ibm ≫ Websphere Application Server Version7.0.0.7

Ibm ≫ Websphere Application Server Version7.0.0.8

Ibm ≫ Websphere Application Server Version7.0.0.9

Ibm ≫ Websphere Application Server Version7.0.0.10

Ibm ≫ Websphere Application Server Version7.0.0.11

Ibm ≫ Websphere Application Server Version7.0.0.12

Ibm ≫ Websphere Application Server Version7.0.0.13

Ibm ≫ Websphere Application Server Version7.0.0.14

Ibm ≫ Websphere Application Server Version7.0.0.15

Ibm ≫ Websphere Application Server Version7.0.0.16

Ibm ≫ Websphere Application Server Version7.0.0.17

Ibm ≫ Websphere Application Server Version7.0.0.18

Ibm ≫ Websphere Application Server Version7.0.0.19

Ibm ≫ Websphere Application Server Version7.0.0.21

Ibm ≫ Websphere Application Server Version7.0.0.22

Ibm ≫ Websphere Application Server Version7.0.0.23

Ibm ≫ Websphere Application Server Version7.0.0.24

Ibm ≫ Websphere Application Server Version7.0.0.25

Ibm ≫ Websphere Application Server Version7.0.0.27

Ibm ≫ Websphere Application Server Version7.0.0.28

Ibm ≫ Websphere Application Server Version7.0.0.29

Ibm ≫ Websphere Application Server Version7.0.0.31

Ibm ≫ Websphere Application Server Version7.0.0.32

Ibm ≫ Websphere Application Server Version7.0.0.33

Ibm ≫ Websphere Application Server Version7.0.0.34

Ibm ≫ Websphere Application Server Version7.0.0.35

Ibm ≫ Websphere Application Server Version7.0.0.36

Ibm ≫ Websphere Application Server Version7.0.0.37

Ibm ≫ Websphere Application Server Version7.0.0.38

Ibm ≫ Websphere Application Server Version7.0.0.39

Ibm ≫ Websphere Application Server Version7.0.0.41

Ibm ≫ Websphere Application Server Version8.0

Ibm ≫ Websphere Application Server Version8.0.0.0

Ibm ≫ Websphere Application Server Version8.0.0.1

Ibm ≫ Websphere Application Server Version8.0.0.2

Ibm ≫ Websphere Application Server Version8.0.0.3

Ibm ≫ Websphere Application Server Version8.0.0.4

Ibm ≫ Websphere Application Server Version8.0.0.5

Ibm ≫ Websphere Application Server Version8.0.0.6

Ibm ≫ Websphere Application Server Version8.0.0.7

Ibm ≫ Websphere Application Server Version8.0.0.8

Ibm ≫ Websphere Application Server Version8.0.0.9

Ibm ≫ Websphere Application Server Version8.0.0.10

Ibm ≫ Websphere Application Server Version8.0.0.11

Ibm ≫ Websphere Application Server Version8.0.0.12

Ibm ≫ Websphere Application Server Version8.5.0.0

Ibm ≫ Websphere Application Server Version8.5.0.0 Update- Editionliberty_profile

Ibm ≫ Websphere Application Server Version8.5.0.1 Update- Editionliberty_profile

Ibm ≫ Websphere Application Server Version8.5.0.2 Update- Editionliberty_profile

Ibm ≫ Websphere Application Server Version8.5.5.0 Update- Editionliberty_profile

Ibm ≫ Websphere Application Server Version8.5.5.1 Update- Editionliberty_profile

Ibm ≫ Websphere Application Server Version8.5.5.2 Update- Editionliberty_profile

Ibm ≫ Websphere Application Server Version8.5.5.4

Ibm ≫ Websphere Application Server Version8.5.5.5

Ibm ≫ Websphere Application Server Version8.5.5.6

Ibm ≫ Websphere Application Server Version8.5.5.7

Ibm ≫ Websphere Application Server Version8.5.5.8

Ibm ≫ Websphere Application Server Version8.5.5.9

Ibm ≫ Websphere Application Server Version9.0.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.68%	0.691

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	3.7	2.2	1.4	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://www-01.ibm.com/support/docview.wss?uid=swg1PI61548

Broken Link

http://www-01.ibm.com/support/docview.wss?uid=swg21984796

Patch

Vendor Advisory

http://www.securityfocus.com/bid/92354

http://www.securitytracker.com/id/1036514

https://nvd.nist.gov/vuln/detail/CVE-2016-2960

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-2960

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-2960

EUVD