CVE-2017-1501

Опубликовано: 18 авг. 2017

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings. IBM X-Force ID: 129576.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22006810
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100394
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039199
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/129576
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22006810
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100394
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039199
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/129576
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.0.0.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.5.5.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:8.5.5.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:9.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:9.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:9.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:9.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_application_server:9.0.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00701

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-5p86-qj67-4q39