CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
18.0%
WebSphere® Application Server is shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting WebSphere® Application Server has been published in a security bulletin.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Intelligent Operations Center | 1.5.0, 1.6.0, 1.6.0.1, 1.6.0.2, 1.6.0.3 |
IBM Intelligent Operations Center for Emergency Management (Linux) | 1.6.0 |
Download the correct version of the fix from the following link: Security Bulletin: IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console (CVE-2023-26283). Installation instructions for the fix are included in the readme document that is in the fix package.
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | intelligent_operations_center | 1.5.0 | cpe:2.3:a:ibm:intelligent_operations_center:1.5.0:*:*:*:*:*:*:* |
ibm | intelligent_operations_center | 1.6.0 | cpe:2.3:a:ibm:intelligent_operations_center:1.6.0:*:*:*:*:*:*:* |
ibm | intelligent_operations_center | 1.6.0.1 | cpe:2.3:a:ibm:intelligent_operations_center:1.6.0.1:*:*:*:*:*:*:* |
ibm | intelligent_operations_center | 1.6.0.2 | cpe:2.3:a:ibm:intelligent_operations_center:1.6.0.2:*:*:*:*:*:*:* |
ibm | intelligent_operations_center | 1.6.0.3 | cpe:2.3:a:ibm:intelligent_operations_center:1.6.0.3:*:*:*:*:*:*:* |
ibm | intelligent_operations_center | 5.2.1 | cpe:2.3:a:ibm:intelligent_operations_center:5.2.1:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
18.0%