Lucene search
HistoryMay 01, 2014 - 5:29 p.m.
CVE-2014-0859
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
High
EPSS
0.02
Percentile
88.8%
The web-server plugin in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33, 8.x before 8.0.0.9, and 8.5.x before 8.5.5.2, when POST retries are enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Affected configurations
Node
ibmwebsphere_application_serverMatch8.0.0.0
ORibmwebsphere_application_serverMatch8.0.0.1
ORibmwebsphere_application_serverMatch8.0.0.2
ORibmwebsphere_application_serverMatch8.0.0.3
ORibmwebsphere_application_serverMatch8.0.0.4
ORibmwebsphere_application_serverMatch8.0.0.5
ORibmwebsphere_application_serverMatch8.0.0.6
ORibmwebsphere_application_serverMatch8.0.0.7
ORibmwebsphere_application_serverMatch8.0.0.8
Node
ibmwebsphere_application_serverMatch8.5.0.0
ORibmwebsphere_application_serverMatch8.5.0.1
ORibmwebsphere_application_serverMatch8.5.0.2
ORibmwebsphere_application_serverMatch8.5.5.0
ORibmwebsphere_application_serverMatch8.5.5.1
Node
ibmwebsphere_application_serverMatch7.0
ORibmwebsphere_application_serverMatch7.0.0.1
ORibmwebsphere_application_serverMatch7.0.0.2
ORibmwebsphere_application_serverMatch7.0.0.3
ORibmwebsphere_application_serverMatch7.0.0.4
ORibmwebsphere_application_serverMatch7.0.0.5
ORibmwebsphere_application_serverMatch7.0.0.6
ORibmwebsphere_application_serverMatch7.0.0.7
ORibmwebsphere_application_serverMatch7.0.0.8
ORibmwebsphere_application_serverMatch7.0.0.9
ORibmwebsphere_application_serverMatch7.0.0.10
ORibmwebsphere_application_serverMatch7.0.0.11
ORibmwebsphere_application_serverMatch7.0.0.12
ORibmwebsphere_application_serverMatch7.0.0.13
ORibmwebsphere_application_serverMatch7.0.0.14
ORibmwebsphere_application_serverMatch7.0.0.15
ORibmwebsphere_application_serverMatch7.0.0.16
ORibmwebsphere_application_serverMatch7.0.0.17
ORibmwebsphere_application_serverMatch7.0.0.18
ORibmwebsphere_application_serverMatch7.0.0.19
ORibmwebsphere_application_serverMatch7.0.0.21
ORibmwebsphere_application_serverMatch7.0.0.22
ORibmwebsphere_application_serverMatch7.0.0.23
ORibmwebsphere_application_serverMatch7.0.0.24
ORibmwebsphere_application_serverMatch7.0.0.25
ORibmwebsphere_application_serverMatch7.0.0.27
ORibmwebsphere_application_serverMatch7.0.0.29
ORibmwebsphere_application_serverMatch7.0.0.31
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | 8.0.0.0 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.1 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.2 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.3 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.4 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.5 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.5:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.6 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.6:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.7 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.7:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.0.0.8 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.8:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 8.5.0.0 | cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2014-05-01 17:29:00
cve
cve
CVE-2014-0859
2014-05-01 17:29:56
cvelist
cvelist
CVE-2014-0859
2014-05-01 17:00:00
openvas
openvas
IBM Websphere Application Server Multiple Vulnerabilities -05 (Jan 2016)
2016-01-19 00:00:00
ibm
ibm
nessus
nessus
IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple Vulnerabilities
2014-08-01 00:00:00
IBM WebSphere Application Server 7.0 < 7.0.0.33 Multiple Vulnerabilities
2016-10-26 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
High
EPSS
0.02
Percentile
88.8%
Related for NVD:CVE-2014-0859