CVE-2011-1368

high

Description

The JavaServer Faces (JSF) application functionality in IBM WebSphere Application Server 8.x before 8.0.0.1 does not properly handle requests, which allows remote attackers to read unspecified files via unknown vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/70168

http://www.ibm.com/support/docview.wss?uid=swg1PM45992

http://www-01.ibm.com/support/docview.wss?uid=swg24030916

Details

Source: Mitre, NVD

Published: 2011-10-29

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High