CVE-2015-7490Improper Access Control in IBM Infosphere Information Server

CWE-284Improper Access Control3 documents3 sources
Severity
3.1LOWNVD
EPSS
0.1%
top 67.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Infosphere Information Server
Timeline
PublishedMar 3
Latest updateMay 17

Description

IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to bypass intended access restrictions via a modified cookie.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-xg6w-w34w-wcwm: IBM InfoSphere Information Server 82022-05-17
CVEList
CVE-2015-7490: IBM InfoSphere Information Server 82016-03-03
CVE-2015-7490 — Improper Access Control in IBM | cvebase