CVE-2015-7454

Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote authenticated users to bypass intended access restrictions and create an arbitrary page or space via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
ibmwebsphere_process_server
6.1.2
ibmwebsphere_process_server
6.1.2.1
ibmwebsphere_process_server
6.1.2.2
ibmwebsphere_process_server
6.1.2.3
ibmwebsphere_process_server
6.2
ibmwebsphere_process_server
6.2.0.1
ibmwebsphere_process_server
6.2.0.2
ibmwebsphere_process_server
6.2.0.3
ibmwebsphere_process_server
7.0
ibmwebsphere_process_server
7.0.0.1
ibmwebsphere_process_server
7.0.0.2
ibmwebsphere_process_server
7.0.0.3
ibmwebsphere_process_server
7.0.0.4
ibmwebsphere_process_server
7.0.0.5
ibmbusiness_process_manager
7.5.0.0
ibmbusiness_process_manager
7.5.0.1
ibmbusiness_process_manager
7.5.1.0
ibmbusiness_process_manager
7.5.1.1
ibmbusiness_process_manager
7.5.1.2
ibmbusiness_process_manager
8.0.0.0
ibmbusiness_process_manager
8.0.1.0
ibmbusiness_process_manager
8.0.1.1
ibmbusiness_process_manager
8.0.1.2
ibmbusiness_process_manager
8.0.1.3
ibmbusiness_process_manager
8.5.0.0
ibmbusiness_process_manager
8.5.0.1
ibmbusiness_process_manager
8.5.0.2
ibmbusiness_process_manager
8.5.5.0
ibmbusiness_process_manager
8.5.6.0
ibmbusiness_process_manager
8.5.6.1
ibmbusiness_process_manager
8.5.6.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678
http://www-01.ibm.com/support/docview.wss?uid=swg21972005
http://www.securityfocus.com/bid/85089
http://www.securitytracker.com/id/1035319
http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678
http://www-01.ibm.com/support/docview.wss?uid=swg21972005
http://www.securityfocus.com/bid/85089
http://www.securitytracker.com/id/1035319