CVE-2017-1382

Summary

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default permissions instead of the customized permissions when custom startup scripts are used. A local attacker could exploit this to gain access to files with an unknown impact. IBM X-Force ID: 127153.

Affected Software

VendorProductVersion RangeStatus
IBMWebSphere Application Server7.0affected
IBMWebSphere Application Server8.0affected
IBMWebSphere Application Server8.5affected
IBMWebSphere Application Server9.0affected

Weaknesses

  • Data Manipulation

ADP Enrichment

CVE Program Container

Additional References

References