CVE-2017-1731

Summary

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security when using the Administrative Console. An authenticated remote attacker could exploit this vulnerability to possibly gain elevated privileges.

Affected Software

VendorProductVersion RangeStatus
IBMWebSphere Application Server9.0affected
IBMWebSphere Application Server7.0.0.35affected
IBMWebSphere Application Server7.0.0.37affected
IBMWebSphere Application Server7.0.0.39affected
IBMWebSphere Application Server7.0.0.41affected
IBMWebSphere Application Server7.0.0.43affected
IBMWebSphere Application Server8.0.0.4affected
IBMWebSphere Application Server8.0.0.5affected
IBMWebSphere Application Server8.0.0.6affected
IBMWebSphere Application Server8.0.0.7affected
IBMWebSphere Application Server8.0.0.8affected
IBMWebSphere Application Server8.0.0.9affected
IBMWebSphere Application Server8.0.0.10affected
IBMWebSphere Application Server8.0.0.11affected
IBMWebSphere Application Server8.0.0.12affected
IBMWebSphere Application Server8.0.0.13affected
IBMWebSphere Application Server8.0.0.14affected
IBMWebSphere Application Server8.5.5.7affected
IBMWebSphere Application Server8.5.5.8affected
IBMWebSphere Application Server8.5.5.9affected
IBMWebSphere Application Server8.5.5.10affected
IBMWebSphere Application Server8.5.5.11affected
IBMWebSphere Application Server8.5.5.12affected
IBMWebSphere Application Server9.0.0.1affected
IBMWebSphere Application Server9.0.0.2affected
IBMWebSphere Application Server9.0.0.3affected
IBMWebSphere Application Server9.0.0.4affected
IBMWebSphere Application Server9.0.0.5affected
IBMWebSphere Application Server9.0.0.6affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References