File upload functionality within IBM Workload Deployer might lead to server compromise and Denial of Service (DoS).
CVEID:CVE-2014-6158
DESCRIPTION:
IBM PureApplication System’s file upload functions might lead to server compromise and DoS when authorized users create or edit components such as a “Script Package”, “Add-On”, or “Emergency Fixes”.
CVSS Base Score: 9.0
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97707 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)
IBM Workload Deployer V3.1.0.7 and later
The solution is to apply the IBM Workload Deployer v3.1.0.7 Interim Fix 5:
None