Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMDCEF1EAD4FB55EB159F072650EDDC9C85C5715A429B7B3B466EF3251A3AE9340
HistoryJun 15, 2018 - 7:04 a.m.

Security Bulletin: Multiple vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2015-4872 CVE-2015-4911 CVE-2015-4893 CVE-2015-4803)

2018-06-1507:04:51
www.ibm.com
26

0.074 Low

EPSS

Percentile

94.1%

JSON

Summary

WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin.

Vulnerability Details

Please consult the security bulletin WebSphere Application Server for vulnerability details and information about fixes.

In addition to to CVE-2015-4872 WebSphere Service Registry and Repository is vulnerable to the following issues.

CVEID: CVE-2015-4911** **
DESCRIPTION: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107360 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2015-4893** **
DESCRIPTION: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107359 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2015-4803** **
DESCRIPTION: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107358 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Affected Products and Versions

Principle Product and Version(s)

| Affected Supporting Product and Version
—|—
WebSphere Service Registry and Repository V8.5| WebSphere Application Server Network Deployment V8.5.5
WebSphere Service Registry and Repository V8.0| WebSphere Application Server Network Deployment V8.0
WebSphere Service Registry and Repository V7.5| WebSphere Application Server Network Deployment V7.0
WebSphere Service Registry and Repository V7.0| WebSphere Application Server Network Deployment V7.0

Related

ibm 61
nessus 34
debiancve 4
cvelist 4
f5 6
ubuntucve 4
prion 4
cve 4
nvd 4
openvas 34
amazon 3
suse 7
oraclelinux 4
redhat 5
ubuntu 2
centos 3
debian 3
veracode 12
mageia 1
ibm
ibm
Security Bulletin: Multiple vulnerabilities identified in IBM® Java SDK affect WebSphere Service Registry and Repository Studio (CVE-2015-4872, CVE-2015-4911, CVE-2015-4893, CVE-2015-4803)
2018-06-15 07:03:51
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Network Advisor.
2018-06-18 00:28:23
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM API Management (CVE-2015-4872 CVE-2015-4911 CVE-2015-4893 CVE-2015-4803)
2018-06-15 07:04:51
nessus
nessus
Oracle JRockit R28 < R28.3.8 Multiple Vulnerabilities (October 2015 CPU)
2015-10-21 00:00:00
RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2015:2086)
2015-11-19 00:00:00
Debian DLA-346-1 : openjdk-6 security update
2015-11-25 00:00:00
debiancve
debiancve
CVE-2015-4893
2015-10-21 23:59:53
CVE-2015-4803
2015-10-21 21:59:20
CVE-2015-4911
2015-10-22 00:00:14
cvelist
cvelist
CVE-2015-4911
2015-10-21 23:00:00
CVE-2015-4803
2015-10-21 21:00:00
CVE-2015-4893
2015-10-21 23:00:00
f5
f5
SOL05534090 - Java vulnerability CVE-2015-4803
2015-11-20 00:00:00
SOL14132811 - Java vulnerability CVE-2015-4893
2015-11-20 00:00:00
K05534090 : Java vulnerability CVE-2015-4803
2015-11-20 00:00:00
ubuntucve
ubuntucve
CVE-2015-4803
2015-10-21 00:00:00
CVE-2015-4893
2015-10-21 00:00:00
CVE-2015-4911
2015-10-21 00:00:00
prion
prion
Design/Logic Flaw
2015-10-21 23:59:00
Design/Logic Flaw
2015-10-21 21:59:00
Design/Logic Flaw
2015-10-22 00:00:00
cve
cve
CVE-2015-4803
2015-10-21 21:59:20
CVE-2015-4911
2015-10-22 00:00:14
CVE-2015-4893
2015-10-21 23:59:53
nvd
nvd
CVE-2015-4803
2015-10-21 21:59:20
CVE-2015-4893
2015-10-21 23:59:53
CVE-2015-4911
2015-10-22 00:00:14
openvas
openvas
CentOS: Security Advisory for java (CESA-2015:2086)
2021-04-21 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-616)
2015-12-15 00:00:00
Ubuntu: Security Advisory (USN-2827-1)
2015-12-04 00:00:00
amazon
amazon
Important: java-1.6.0-openjdk
2015-12-14 10:00:00
Critical: java-1.7.0-openjdk
2015-10-27 13:52:00
Important: java-1.8.0-openjdk
2015-10-27 16:39:00
suse
suse
Security update for java-1_7_0-openjdk (important)
2015-11-02 16:35:18
Security update for java-1_7_0-openjdk (important)
2015-11-02 17:11:26
Security update for java-1_7_0-openjdk (important)
2015-11-12 14:18:13
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2015-10-21 00:00:00
java-1.7.0-openjdk security update
2015-10-21 00:00:00
java-1.6.0-openjdk security update
2015-11-18 00:00:00
redhat
redhat
(RHSA-2015:1921) Important: java-1.7.0-openjdk security update
2015-10-21 00:00:00
(RHSA-2015:1928) Important: java-1.6.0-sun security update
2015-10-22 18:21:17
(RHSA-2015:2086) Important: java-1.6.0-openjdk security update
2015-11-18 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2015-12-03 00:00:00
OpenJDK 7 vulnerabilities
2015-10-28 00:00:00
centos
centos
java security update
2015-10-21 23:24:30
java security update
2015-11-18 19:46:16
java security update
2015-10-21 23:14:14
debian
debian
[SECURITY] [DLA 346-1] openjdk-6 security update
2015-11-24 08:56:52
[SECURITY] [DSA 3381-1] openjdk-7 security update
2015-10-27 21:21:20
[SECURITY] [DSA 3381-2] openjdk-7 security update
2015-11-01 22:21:57
veracode
veracode
Authentication Bypass
2019-05-02 05:19:33
Information Disclosure
2019-05-02 05:19:32
Authentication Bypass
2019-05-02 05:19:32
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerabilities
2015-10-25 19:34:48

0.074 Low

EPSS

Percentile

94.1%

JSON
Related for DCEF1EAD4FB55EB159F072650EDDC9C85C5715A429B7B3B466EF3251A3AE9340
ibm61nessus34debiancve4cvelist4f56ubuntucve4prion4cve4nvd4openvas34amazon3suse7oraclelinux4redhat5ubuntu2centos3debian3veracode12mageia1