CVE-2017-1731 — IBM Websphere Application Server vulnerability

5 documents4 sources

Severity

8.8HIGHNVD

EPSS

1.7%

top 17.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Application Server

Timeline

PublishedJan 30

Latest updateMay 13

Description

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security when using the Administrative Console. An authenticated remote attacker could exploit this vulnerability to possibly gain elevated privileges.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶NVDibm/websphere_application_server7.0.0.0 — 7.0.0.43+3

▶CVEListV5ibm/websphere_application_server29 versions+28

🔴Vulnerability Details

GHSA

GHSA-grxm-2rx3-586j: IBM WebSphere Application Server 7↗2022-05-13

▶

CVEList

CVE-2017-1731: IBM WebSphere Application Server 7↗2018-01-30

▶

💬Community

Bugzilla

CVE-2017-3080 CVE-2017-3100 flash-plugin: information disclosure issues fixed in APSB17-21↗2017-07-11

▶

Bugzilla

CVE-2017-3099 flash-plugin: code execution issue fixed in APSB17-21↗2017-07-11

▶