IBM Lotus Quickr Connectors bundled in IBM Content Navigator’s Collaboration Services is affected by an Apache Commons File Upload vulnerability. IBM Lotus Quickr has resolved this vulnerability
CVEID:****CVE-2016-3092__ __
**DESCRIPTION:**Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
IBM Content Navigator 2.0.3 FP5 - FP7
Product
| VRMF| Remediation/First Fix
—|—|—
IBM Content Navigator | ICN 2.0.3 FP5 - FP7| Upgrade to IBM Content Navigator 2.0.3 FP8 (search for Content Navigator 2.0.3.8 in fixcentral )
For IBM Content Navigator 2.0.2 installations IBM recommends upgrading to a fixed, supported version/release/platform of the product
None