CVE Vulnerabilities

CVE-2015-7454

Published: Mar 21, 2016 | Modified: Dec 03, 2016
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote authenticated users to bypass intended access restrictions and create an arbitrary page or space via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Websphere_process_server Ibm 6.1.2 (including) 6.1.2 (including)
Websphere_process_server Ibm 6.1.2.1 (including) 6.1.2.1 (including)
Websphere_process_server Ibm 6.1.2.2 (including) 6.1.2.2 (including)
Websphere_process_server Ibm 6.1.2.3 (including) 6.1.2.3 (including)
Websphere_process_server Ibm 6.2 (including) 6.2 (including)
Websphere_process_server Ibm 6.2.0.1 (including) 6.2.0.1 (including)
Websphere_process_server Ibm 6.2.0.2 (including) 6.2.0.2 (including)
Websphere_process_server Ibm 6.2.0.3 (including) 6.2.0.3 (including)
Websphere_process_server Ibm 7.0 (including) 7.0 (including)
Websphere_process_server Ibm 7.0.0.1 (including) 7.0.0.1 (including)
Websphere_process_server Ibm 7.0.0.2 (including) 7.0.0.2 (including)
Websphere_process_server Ibm 7.0.0.3 (including) 7.0.0.3 (including)
Websphere_process_server Ibm 7.0.0.4 (including) 7.0.0.4 (including)
Websphere_process_server Ibm 7.0.0.5 (including) 7.0.0.5 (including)

References