6.5

CVE-2016-5954

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF30, 8.0.0 through 8.0.0.1 CF21, and 8.5.0 before CF12 allows remote authenticated users to cause a denial of service by uploading temporary files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmWebsphere Portal Version6.1.0.0
IbmWebsphere Portal Version6.1.0.1
IbmWebsphere Portal Version6.1.0.2
IbmWebsphere Portal Version6.1.0.3
IbmWebsphere Portal Version6.1.0.4
IbmWebsphere Portal Version6.1.0.5
IbmWebsphere Portal Version6.1.0.6
IbmWebsphere Portal Version6.1.5.0
IbmWebsphere Portal Version6.1.5.1
IbmWebsphere Portal Version6.1.5.2
IbmWebsphere Portal Version6.1.5.3
IbmWebsphere Portal Version7.0.0.0
IbmWebsphere Portal Version7.0.0.1
IbmWebsphere Portal Version7.0.0.2
IbmWebsphere Portal Version8.0.0.0
IbmWebsphere Portal Version8.0.0.1
IbmWebsphere Portal Version8.5.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.31% 0.668
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://www-01.ibm.com/support/docview.wss?uid=swg1PI67037
Not Applicable
http://www-01.ibm.com/support/docview.wss?uid=swg21989993
Patch
Vendor Advisory
http://www.securityfocus.com/bid/93017
http://www.securitytracker.com/id/1036762