Design/Logic Flaw

2018-10-0114:29:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.9%

JSON

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.

CPENameOperatorVersion
websphere_portaleq8.5.0.0
websphere_portaleq8.5.0.0 cf1
websphere_portaleq8.0.0.1 cf8
websphere_portaleq8.0.0.1
websphere_portaleq7.0.0.0
websphere_portaleq7.0.0.2 cf17
websphere_portaleq7.0.0.2 cf22
websphere_portaleq8.0.0.1 cf6
websphere_portaleq8.5.0.0 cf2
websphere_portaleq8.0.0.0 cf4

Name	Operator	Version
websphere_portal	eq	8.5.0.0
websphere_portal	eq	8.5.0.0 cf1
websphere_portal	eq	8.0.0.1 cf8
websphere_portal	eq	8.0.0.1
websphere_portal	eq	7.0.0.0
websphere_portal	eq	7.0.0.2 cf17
websphere_portal	eq	7.0.0.2 cf22
websphere_portal	eq	8.0.0.1 cf6
websphere_portal	eq	8.5.0.0 cf2
websphere_portal	eq	8.0.0.0 cf4