IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.0 | 7.0.0.0 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.2 | 7.0.0.2 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 7.0.0.1 | 7.0.0.1 |
Websphere_portal | Ibm | 9.0.0.0 | 9.0.0.0 |
Websphere_portal | Ibm | 9.0.0.0 | 9.0.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.5.0.0 | 8.5.0.0 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.1 | 8.0.0.1 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 8.0.0.0 | 8.0.0.0 |
Websphere_portal | Ibm | 9.0.0.0 | 9.0.0.0 |