WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin.
Please consult the security bulletin WebSphere Application Server for vulnerability details and information about fixes.
In addition to to CVE-2015-4872 WebSphere Service Registry and Repository is vulnerable to the following issues.
CVEID: CVE-2015-4911** **
DESCRIPTION: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107360 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVEID: CVE-2015-4893** **
DESCRIPTION: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107359 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVEID: CVE-2015-4803** **
DESCRIPTION: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107358 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Principle Product and Version(s)
| Affected Supporting Product and Version
—|—
WebSphere Service Registry and Repository V8.5| WebSphere Application Server Network Deployment V8.5.5
WebSphere Service Registry and Repository V8.0| WebSphere Application Server Network Deployment V8.0
WebSphere Service Registry and Repository V7.5| WebSphere Application Server Network Deployment V7.0
WebSphere Service Registry and Repository V7.0| WebSphere Application Server Network Deployment V7.0