CVE-2015-1886IBM Websphere Portal vulnerability

CWE-3993 documents3 sources
Severity
7.8HIGHNVD
EPSS
2.1%
top 15.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Portal
Timeline
PublishedApr 27
Latest updateMay 17

Description

The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDibm/websphere_portal17 versions+16

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-q4wg-xr28-xp9f: The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 62022-05-17
CVEList
CVE-2015-1886: The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 62015-04-24
CVE-2015-1886 — IBM Websphere Portal vulnerability | cvebase