CVE-2015-7455IBM Websphere Portal vulnerability

CWE-2643 documents3 sources
Severity
3.1LOWNVD
EPSS
0.1%
top 74.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Portal
Timeline
PublishedFeb 29
Latest updateMay 17

Description

IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before 8.5.0.0 CF09 uses weak permissions for content items, which allows remote authenticated users to make modifications via the authoring UI.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages1 packages

NVDibm/websphere_portal6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-pg8h-rfwr-4vrx: IBM WebSphere Portal 72022-05-17
CVEList
CVE-2015-7455: IBM WebSphere Portal 72016-02-29