CVE-2015-7490

IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to bypass intended access restrictions via a modified cookie.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.1 LOW
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
ibminfosphere_information_server
8.5
ibminfosphere_information_server
8.5.0.1
ibminfosphere_information_server
8.5.0.2
ibminfosphere_information_server
8.5.0.3
ibminfosphere_information_server
8.7
ibminfosphere_information_server
8.7.0.1
ibminfosphere_information_server
8.7.0.2
ibminfosphere_information_server
9.1
ibminfosphere_information_server
9.1.0.1
ibminfosphere_information_server
9.1.2
ibminfosphere_information_server
11.3
ibminfosphere_information_server
11.3.1
ibminfosphere_information_server
11.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1JR54787
http://www-01.ibm.com/support/docview.wss?uid=swg21975827
http://www.securitytracker.com/id/1035125
http://www-01.ibm.com/support/docview.wss?uid=swg1JR54787
http://www-01.ibm.com/support/docview.wss?uid=swg21975827
http://www.securitytracker.com/id/1035125