CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
64.6%
The addFileRegistryAccount Virtual Member Manager (VMM) SPI Admin Task in IBM WebSphere Application Server (WAS) 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.3 does not properly create accounts, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | websphere_application_server | 8.5.0.0 | cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:* |
ibm | websphere_application_server | 8.5.0.1 | cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:*:*:*:*:*:*:* |
ibm | websphere_application_server | 8.5.0.2 | cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:*:*:*:*:*:*:* |
ibm | websphere_application_server | 8.5.5.0 | cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:*:*:*:*:*:*:* |
ibm | websphere_application_server | 8.5.5.1 | cpe:2.3:a:ibm:websphere_application_server:8.5.5.1:*:*:*:*:*:*:* |
ibm | websphere_application_server | 8.5.5.2 | cpe:2.3:a:ibm:websphere_application_server:8.5.5.2:*:*:*:*:*:*:* |
ibm | websphere_application_server | 8.0.0.0 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:* |
ibm | websphere_application_server | 8.0.0.1 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:* |
ibm | websphere_application_server | 8.0.0.2 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:* |
ibm | websphere_application_server | 8.0.0.3 | cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:* |