CVE-2015-4963

Sažetak

IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before 8.0.1.3 mishandles WebSEAL HTTPTransformation requests, which allows remote attackers to read or write to arbitrary files via unspecified vectors.

Reference

http://www.securitytracker.com/id/1034103
http://www-01.ibm.com/support/docview.wss?uid=swg1IV71196
http://www-01.ibm.com/support/docview.wss?uid=swg21964828

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

07-12-2016 - 18:15

Objavljeno

08-11-2015 - 22:59