CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
57.1%
Vulnerability has been identified in WebSsphere Application Server Liberty shipped wioth Cloud Pak System. IBM Cloud Pak System ships with optional Single- Sign-On (SSO) feature. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty have been published in a security bulletin.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) Version(s) | Affected Supporting Product(s) Version(s) |
---|---|
IBM Cloud Pak System 2.3 | WebSphere Application Server - Liberty 9.0 |
IBM Cloud Pak System Software Suite 2.3.3.0 | WebSphere Application Server - Liberty 9.0 |
Consult the following Security Bulletins for information and details about fixes. IBM strongly recommends to apply fix as soon as practical.
In order to apply the fix
1. Download the fix from IBM FixCentral
2. Upload the fix to Cloud Pak System
3. Apply the fix from CPS UI select WAS virtual system instance, manage, operations and fixpack, or through the command line.
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | cloud_pak_system | 2.3 | cpe:2.3:a:ibm:cloud_pak_system:2.3:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
57.1%