CVE-2017-1731
N/A
N/A
Summary
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security when using the Administrative Console. An authenticated remote attacker could exploit this vulnerability to possibly gain elevated privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | WebSphere Application Server | 9.0 | affected |
| IBM | WebSphere Application Server | 7.0.0.35 | affected |
| IBM | WebSphere Application Server | 7.0.0.37 | affected |
| IBM | WebSphere Application Server | 7.0.0.39 | affected |
| IBM | WebSphere Application Server | 7.0.0.41 | affected |
| IBM | WebSphere Application Server | 7.0.0.43 | affected |
| IBM | WebSphere Application Server | 8.0.0.4 | affected |
| IBM | WebSphere Application Server | 8.0.0.5 | affected |
| IBM | WebSphere Application Server | 8.0.0.6 | affected |
| IBM | WebSphere Application Server | 8.0.0.7 | affected |
| IBM | WebSphere Application Server | 8.0.0.8 | affected |
| IBM | WebSphere Application Server | 8.0.0.9 | affected |
| IBM | WebSphere Application Server | 8.0.0.10 | affected |
| IBM | WebSphere Application Server | 8.0.0.11 | affected |
| IBM | WebSphere Application Server | 8.0.0.12 | affected |
| IBM | WebSphere Application Server | 8.0.0.13 | affected |
| IBM | WebSphere Application Server | 8.0.0.14 | affected |
| IBM | WebSphere Application Server | 8.5.5.7 | affected |
| IBM | WebSphere Application Server | 8.5.5.8 | affected |
| IBM | WebSphere Application Server | 8.5.5.9 | affected |
| IBM | WebSphere Application Server | 8.5.5.10 | affected |
| IBM | WebSphere Application Server | 8.5.5.11 | affected |
| IBM | WebSphere Application Server | 8.5.5.12 | affected |
| IBM | WebSphere Application Server | 9.0.0.1 | affected |
| IBM | WebSphere Application Server | 9.0.0.2 | affected |
| IBM | WebSphere Application Server | 9.0.0.3 | affected |
| IBM | WebSphere Application Server | 9.0.0.4 | affected |
| IBM | WebSphere Application Server | 9.0.0.5 | affected |
| IBM | WebSphere Application Server | 9.0.0.6 | affected |
Weaknesses
- Gain Privileges
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/134912
- http://www-01.ibm.com/support/docview.wss?uid=swg22012345&myns=swgws&mynp=OCSSEQTP&mync=R&cm_sp=swgws--OCSSEQTP--R
- http://www.securitytracker.com/id/1040356
- http://www.securityfocus.com/bid/102911
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/134912
- http://www-01.ibm.com/support/docview.wss?uid=swg22012345&myns=swgws&mynp=OCSSEQTP&mync=R&cm_sp=swgws--OCSSEQTP--R
- http://www.securitytracker.com/id/1040356
- http://www.securityfocus.com/bid/102911
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.