CVE-2015-1932

EUVD-2015-2037
IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.7 and WebSphere Virtual Enterprise before 7.0.0.7 allow remote attackers to obtain potentially sensitive information about the proxy-server software by reading the HTTP Via header.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_virtual_enterprise
𝑥
≤ 7.0.0.6
ibmwebsphere_application_server
7.0.0.1
ibmwebsphere_application_server
7.0.0.2
ibmwebsphere_application_server
7.0.0.3
ibmwebsphere_application_server
7.0.0.4
ibmwebsphere_application_server
7.0.0.5
ibmwebsphere_application_server
7.0.0.6
ibmwebsphere_application_server
7.0.0.7
ibmwebsphere_application_server
7.0.0.8
ibmwebsphere_application_server
7.0.0.9
ibmwebsphere_application_server
7.0.0.10
ibmwebsphere_application_server
7.0.0.11
ibmwebsphere_application_server
7.0.0.12
ibmwebsphere_application_server
7.0.0.13
ibmwebsphere_application_server
7.0.0.14
ibmwebsphere_application_server
7.0.0.15
ibmwebsphere_application_server
7.0.0.16
ibmwebsphere_application_server
7.0.0.17
ibmwebsphere_application_server
7.0.0.18
ibmwebsphere_application_server
7.0.0.19
ibmwebsphere_application_server
7.0.0.21
ibmwebsphere_application_server
7.0.0.22
ibmwebsphere_application_server
7.0.0.23
ibmwebsphere_application_server
7.0.0.24
ibmwebsphere_application_server
7.0.0.25
ibmwebsphere_application_server
7.0.0.27
ibmwebsphere_application_server
7.0.0.29
ibmwebsphere_application_server
7.0.0.31
ibmwebsphere_application_server
7.0.0.32
ibmwebsphere_application_server
7.0.0.33
ibmwebsphere_application_server
7.0.0.34
ibmwebsphere_application_server
7.0.0.36
ibmwebsphere_application_server
7.0.0.37
ibmwebsphere_application_server
7.0.0.38
ibmwebsphere_application_server
8.0.0.0
ibmwebsphere_application_server
8.0.0.1
ibmwebsphere_application_server
8.0.0.2
ibmwebsphere_application_server
8.0.0.3
ibmwebsphere_application_server
8.0.0.4
ibmwebsphere_application_server
8.0.0.5
ibmwebsphere_application_server
8.0.0.6
ibmwebsphere_application_server
8.0.0.7
ibmwebsphere_application_server
8.0.0.8
ibmwebsphere_application_server
8.0.0.9
ibmwebsphere_application_server
8.0.0.10
ibmwebsphere_application_server
8.5.0.0
ibmwebsphere_application_server
8.5.0.1
ibmwebsphere_application_server
8.5.0.2
ibmwebsphere_application_server
8.5.5.0
ibmwebsphere_application_server
8.5.5.1
ibmwebsphere_application_server
8.5.5.2
ibmwebsphere_application_server
8.5.5.3
ibmwebsphere_application_server
8.5.5.4
ibmwebsphere_application_server
8.5.5.5
ibmwebsphere_application_server
8.5.5.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1PI38403
http://www-01.ibm.com/support/docview.wss?uid=swg21963275
http://www.securityfocus.com/bid/76466
http://www.securitytracker.com/id/1033325
http://www-01.ibm.com/support/docview.wss?uid=swg1PI38403
http://www-01.ibm.com/support/docview.wss?uid=swg21963275
http://www.securityfocus.com/bid/76466
http://www.securitytracker.com/id/1033325