CVE-2015-1887
Published Jul 14, 2015
Last updated 7 years ago
Overview
- Description
- IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a crafted request.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:7.0.0.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F27401D-AB52-4C6A-BAA9-516E05CFAF69"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:7.0.0.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F28C710-8FDB-4474-B6EF-5835D4D7FE43"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:7.0.0.2:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6007CA87-31CA-44AB-AB7F-788E17AB85F6"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C90EF7A4-8181-42C3-BB95-395D0DD94C14"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:8.0.0.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AA4AD694-EA0E-4910-A3F9-EEDC510AFDF5"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:8.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D03AF20E-0C29-45A6-9B7F-8260D8D9E8BF"
}
],
"operator": "OR"
}
]
}
]