CVE-2015-1893

Sažetak

The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows remote attackers to hijack the sessions of arbitrary users, and consequently obtain sensitive information or modify data, via unspecified vectors.

Reference

http://www.securityfocus.com/bid/73916
http://www.securitytracker.com/id/1032025
http://www-01.ibm.com/support/docview.wss?uid=swg1IT07841
http://www-01.ibm.com/support/docview.wss?uid=swg21701337

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

04-08-2016 - 03:26

Objavljeno

06-04-2015 - 00:59