Public disclosed vulnerability from Spring Framework affects IBM Spectrum LSF Explorer
**CVE-ID:**CVE-2018-15756 Description: Pivotal Spring Framework is vulnerable to a denial of service, caused by improper handling of range request by the ResourceHttpRequestHandler. By adding a range header with a high number of ranges, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 7.5
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/151641> for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Spectrum LSF Explorer 10.2, 10.2.0.6, 10.2.0.7
<Product
|
VRMF
|
APAR
|
Remediation/First Fix
โ|โ|โ|โ
Spectrum LSF Explorer
|
10.2
|
None
|
See workaround
Spectrum LSF Explorer
|
10.2.0.6
|
None
|
See workaround
Spectrum LSF Explorer
|
10.2.0.7
|
None
|
See workaround
Spectrum LSF Explorer 10.2 & 10.2.0.6 & 10.2.0.7
CPE | Name | Operator | Version |
---|---|---|---|
ibm spectrum lsf explorer | eq | any |