CVE-2015-0174

medium

Description

The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.5 does not properly handle configuration data, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

References

http://www.securitytracker.com/id/1032190

http://www-01.ibm.com/support/docview.wss?uid=swg1PI21072

http://www-01.ibm.com/support/docview.wss?uid=swg21697368

Details

Source: MITRE

Published: 2015-04-27

Updated: 2015-11-30

Type: CWE-200

Risk Information

CVSS v2

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM