Lucene search

[email protected]CVE-2016-5986

HistoryOct 01, 2016 - 1:59 a.m.

CVE-2016-5986

2016-10-0101:59:07

CWE-200

[email protected]

web.nvd.nist.gov

ibm

websphere

application server

security

vulnerability

cve-2016-5986

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.5%

JSON

IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected configurations

NVD

Node

ibmwebsphere_application_serverMatch7.0

ibmwebsphere_application_serverMatch7.0.0.0

ibmwebsphere_application_serverMatch7.0.0.1

ibmwebsphere_application_serverMatch7.0.0.2

ibmwebsphere_application_serverMatch7.0.0.3

ibmwebsphere_application_serverMatch7.0.0.4

ibmwebsphere_application_serverMatch7.0.0.5

ibmwebsphere_application_serverMatch7.0.0.6

ibmwebsphere_application_serverMatch7.0.0.7

ibmwebsphere_application_serverMatch7.0.0.8

ibmwebsphere_application_serverMatch7.0.0.9

ibmwebsphere_application_serverMatch7.0.0.10

ibmwebsphere_application_serverMatch7.0.0.11

ibmwebsphere_application_serverMatch7.0.0.12

ibmwebsphere_application_serverMatch7.0.0.13

ibmwebsphere_application_serverMatch7.0.0.14

ibmwebsphere_application_serverMatch7.0.0.15

ibmwebsphere_application_serverMatch7.0.0.16

ibmwebsphere_application_serverMatch7.0.0.17

ibmwebsphere_application_serverMatch7.0.0.18

ibmwebsphere_application_serverMatch7.0.0.19

ibmwebsphere_application_serverMatch7.0.0.21

ibmwebsphere_application_serverMatch7.0.0.22

ibmwebsphere_application_serverMatch7.0.0.23

ibmwebsphere_application_serverMatch7.0.0.24

ibmwebsphere_application_serverMatch7.0.0.25

ibmwebsphere_application_serverMatch7.0.0.27

ibmwebsphere_application_serverMatch7.0.0.28

ibmwebsphere_application_serverMatch7.0.0.29

ibmwebsphere_application_serverMatch7.0.0.31

ibmwebsphere_application_serverMatch7.0.0.32

ibmwebsphere_application_serverMatch7.0.0.33

ibmwebsphere_application_serverMatch7.0.0.34

ibmwebsphere_application_serverMatch7.0.0.35

ibmwebsphere_application_serverMatch7.0.0.36

ibmwebsphere_application_serverMatch7.0.0.37

ibmwebsphere_application_serverMatch7.0.0.38

ibmwebsphere_application_serverMatch7.0.0.39

ibmwebsphere_application_serverMatch7.0.0.41

ibmwebsphere_application_serverMatch8.0

ibmwebsphere_application_serverMatch8.0.0.0

ibmwebsphere_application_serverMatch8.0.0.1

ibmwebsphere_application_serverMatch8.0.0.2

ibmwebsphere_application_serverMatch8.0.0.3

ibmwebsphere_application_serverMatch8.0.0.4

ibmwebsphere_application_serverMatch8.0.0.5

ibmwebsphere_application_serverMatch8.0.0.6

ibmwebsphere_application_serverMatch8.0.0.7

ibmwebsphere_application_serverMatch8.0.0.8

ibmwebsphere_application_serverMatch8.0.0.9

ibmwebsphere_application_serverMatch8.0.0.10

ibmwebsphere_application_serverMatch8.0.0.11

ibmwebsphere_application_serverMatch8.0.0.12

ibmwebsphere_application_serverMatch8.5.0.0

ibmwebsphere_application_serverMatch8.5.0.0-liberty_profile

ibmwebsphere_application_serverMatch8.5.0.1-liberty_profile

ibmwebsphere_application_serverMatch8.5.0.2-liberty_profile

ibmwebsphere_application_serverMatch8.5.5.0-liberty_profile

ibmwebsphere_application_serverMatch8.5.5.1-liberty_profile

ibmwebsphere_application_serverMatch8.5.5.2-liberty_profile

ibmwebsphere_application_serverMatch8.5.5.4

ibmwebsphere_application_serverMatch8.5.5.5

ibmwebsphere_application_serverMatch8.5.5.6

ibmwebsphere_application_serverMatch8.5.5.7

ibmwebsphere_application_serverMatch8.5.5.8

ibmwebsphere_application_serverMatch8.5.5.9

ibmwebsphere_application_serverMatch9.0.0.0

Node

ibmwebsphere_application_serverMatch7.0

ibmwebsphere_application_serverMatch7.0.0.0

ibmwebsphere_application_serverMatch7.0.0.1

ibmwebsphere_application_serverMatch7.0.0.2

ibmwebsphere_application_serverMatch7.0.0.3

ibmwebsphere_application_serverMatch7.0.0.4

ibmwebsphere_application_serverMatch7.0.0.5

ibmwebsphere_application_serverMatch7.0.0.6

ibmwebsphere_application_serverMatch7.0.0.7

ibmwebsphere_application_serverMatch7.0.0.8

ibmwebsphere_application_serverMatch7.0.0.9

ibmwebsphere_application_serverMatch7.0.0.10

ibmwebsphere_application_serverMatch7.0.0.11

ibmwebsphere_application_serverMatch7.0.0.12

ibmwebsphere_application_serverMatch7.0.0.13

ibmwebsphere_application_serverMatch7.0.0.14

ibmwebsphere_application_serverMatch7.0.0.15

ibmwebsphere_application_serverMatch7.0.0.16

ibmwebsphere_application_serverMatch7.0.0.17

ibmwebsphere_application_serverMatch7.0.0.18

ibmwebsphere_application_serverMatch7.0.0.19

ibmwebsphere_application_serverMatch7.0.0.21

ibmwebsphere_application_serverMatch7.0.0.22

ibmwebsphere_application_serverMatch7.0.0.23

ibmwebsphere_application_serverMatch7.0.0.24

ibmwebsphere_application_serverMatch7.0.0.25

ibmwebsphere_application_serverMatch7.0.0.27

ibmwebsphere_application_serverMatch7.0.0.28

ibmwebsphere_application_serverMatch7.0.0.29

ibmwebsphere_application_serverMatch7.0.0.31

ibmwebsphere_application_serverMatch7.0.0.32

ibmwebsphere_application_serverMatch7.0.0.33

ibmwebsphere_application_serverMatch7.0.0.34

ibmwebsphere_application_serverMatch7.0.0.35

ibmwebsphere_application_serverMatch7.0.0.36

ibmwebsphere_application_serverMatch7.0.0.37

ibmwebsphere_application_serverMatch7.0.0.38

ibmwebsphere_application_serverMatch7.0.0.39

ibmwebsphere_application_serverMatch7.0.0.41

ibmwebsphere_application_serverMatch8.0

ibmwebsphere_application_serverMatch8.0.0.0

ibmwebsphere_application_serverMatch8.0.0.1

ibmwebsphere_application_serverMatch8.0.0.2

ibmwebsphere_application_serverMatch8.0.0.3

ibmwebsphere_application_serverMatch8.0.0.4

ibmwebsphere_application_serverMatch8.0.0.5

ibmwebsphere_application_serverMatch8.0.0.6

ibmwebsphere_application_serverMatch8.0.0.7

ibmwebsphere_application_serverMatch8.0.0.8

ibmwebsphere_application_serverMatch8.0.0.9

ibmwebsphere_application_serverMatch8.0.0.10

ibmwebsphere_application_serverMatch8.0.0.11

ibmwebsphere_application_serverMatch8.0.0.12

ibmwebsphere_application_serverMatch8.5.0.0

ibmwebsphere_application_serverMatch8.5.0.0-liberty_profile

ibmwebsphere_application_serverMatch8.5.0.1-liberty_profile

ibmwebsphere_application_serverMatch8.5.0.2-liberty_profile

ibmwebsphere_application_serverMatch8.5.5.0-liberty_profile

ibmwebsphere_application_serverMatch8.5.5.1-liberty_profile

ibmwebsphere_application_serverMatch8.5.5.2-liberty_profile

ibmwebsphere_application_serverMatch8.5.5.4

ibmwebsphere_application_serverMatch8.5.5.5

ibmwebsphere_application_serverMatch8.5.5.6

ibmwebsphere_application_serverMatch8.5.5.7

ibmwebsphere_application_serverMatch8.5.5.8

ibmwebsphere_application_serverMatch8.5.5.9

ibmwebsphere_application_serverMatch8.5.5.10

ibmwebsphere_application_serverMatch9.0.0.0

ibmwebsphere_application_serverMatch9.0.0.1

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq7.0
ibm:websphere_application_serveribm websphere application servereq7.0.0.0
ibm:websphere_application_serveribm websphere application servereq7.0.0.1
ibm:websphere_application_serveribm websphere application servereq7.0.0.2
ibm:websphere_application_serveribm websphere application servereq7.0.0.3
ibm:websphere_application_serveribm websphere application servereq7.0.0.4
ibm:websphere_application_serveribm websphere application servereq7.0.0.5
ibm:websphere_application_serveribm websphere application servereq7.0.0.6
ibm:websphere_application_serveribm websphere application servereq7.0.0.7
ibm:websphere_application_serveribm websphere application servereq7.0.0.8

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	7.0
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.0
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.1
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.2
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.3
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.4
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.5
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.6
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.7
ibm:websphere_application_server	ibm websphere application server	eq	7.0.0.8

Rows per page:

1-10 of 661

References

www-01.ibm.com/support/docview.wss?uid=swg1PI67093

www-01.ibm.com/support/docview.wss?uid=swg21990056

www.securityfocus.com/bid/93013

www.securitytracker.com/id/1036838

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.5%

JSON

Related for CVE-2016-5986

openvas1 ibm82 cvelist1 prion1 nvd1 nessus1