Описание
WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, 8.5 Liberty Profile before 8.5.5.5, and 8.5 Full Profile before 8.5.5.6, when the OAuth grant type requires sending a password, allows remote attackers to gain privileges via unspecified vectors.
WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, 8.5 Liberty Profile before 8.5.5.5, and 8.5 Full Profile before 8.5.5.6, when the OAuth grant type requires sending a password, allows remote attackers to gain privileges via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-1885
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI33202
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI36211
- http://www-01.ibm.com/support/docview.wss?uid=swg21697368
- http://www-01.ibm.com/support/docview.wss?uid=swg21963275
- http://www.securityfocus.com/bid/74219
- http://www.securitytracker.com/id/1032190
EPSS
CVE ID
Связанные уязвимости
WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, 8.5 Liberty Profile before 8.5.5.5, and 8.5 Full Profile before 8.5.5.6, when the OAuth grant type requires sending a password, allows remote attackers to gain privileges via unspecified vectors.
EPSS