CVE-2014-3083

MEDIUM

Description

IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.35, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.3 does not properly restrict resource access, which allows remote attackers to obtain sensitive information via unspecified vectors.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PI17768

http://www-01.ibm.com/support/docview.wss?uid=swg21681249

http://www.securityfocus.com/bid/69298

https://exchange.xforce.ibmcloud.com/vulnerabilities/93954

Details

Source: MITRE

Published: 2014-08-22

Updated: 2017-08-29

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 5

Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM