The IBM® Support Assistant Team Server is shipped with the Apache Commons FileUpload™ library which contains a security vulnerability which may lead to a denial of service against IBM Support Assistant Team Server.
CVEID:_CVE-__2014-0050 _
DESCRIPTION:
Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests. By sending a specifically-crafted request, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 5.0
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/90987 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:X/AC:X/Au:X/C:X/I:X/A:X)
IBM Support Assistant v5r0m0
Apply fixpack 5.0.1. See the fix pack announcement for more information.
none
CPE | Name | Operator | Version |
---|---|---|---|
ibm support assistant | eq | 5.0 |