Lucene search
HistoryMay 01, 2014 - 5:29 p.m.
CVE-2014-0857
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.4
Confidence
High
EPSS
0.002
Percentile
52.5%
The Administrative Console in IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x before 8.5.5.2 allows remote authenticated users to obtain sensitive information via a crafted request.
Affected configurations
Node
ibmwebsphere_application_serverMatch8.5.0.0
ORibmwebsphere_application_serverMatch8.5.0.1
ORibmwebsphere_application_serverMatch8.5.0.2
ORibmwebsphere_application_serverMatch8.5.5.0
ORibmwebsphere_application_serverMatch8.5.5.1
Node
ibmwebsphere_application_serverMatch7.0
Node
ibmwebsphere_application_serverMatch8.0.0.0
ORibmwebsphere_application_serverMatch8.0.0.1
ORibmwebsphere_application_serverMatch8.0.0.2
ORibmwebsphere_application_serverMatch8.0.0.3
ORibmwebsphere_application_serverMatch8.0.0.4
ORibmwebsphere_application_serverMatch8.0.0.5
ORibmwebsphere_application_serverMatch8.0.0.6
ORibmwebsphere_application_serverMatch8.0.0.7
ORibmwebsphere_application_serverMatch8.0.0.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | 8.5.0.0 | cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.5.0.1 | cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.5.0.2 | cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.5.5.0 | cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.5.5.1 | cpe:2.3:a:ibm:websphere_application_server:8.5.5.1:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 7.0 | cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.0 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.1 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.2 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.3 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2014-0857
2014-05-01 17:00:00
prion
prion
Cross site request forgery (csrf)
2014-05-01 17:29:00
cve
cve
CVE-2014-0857
2014-05-01 17:29:56
openvas
openvas
IBM Websphere Application Server Multiple Vulnerabilities -04 (Jan 2016)
2016-01-19 00:00:00
ibm
ibm
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.2
2018-06-15 06:59:56
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.9
2022-09-08 00:26:26
WebSphere Application Server and IBM HTTP Server Security Bulletin List
2022-07-13 18:04:48
nessus
nessus
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.4
Confidence
High
EPSS
0.002
Percentile
52.5%
Related for NVD:CVE-2014-0857