CVE-2015-7441

medium

Description

Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.2 does not properly use SSL for its HTTPS connection, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.

References

https://www-01.ibm.com/support/docview.wss?uid=swg21971968

http://www.securitytracker.com/id/1034532

http://www.securitytracker.com/id/1034531

http://www-01.ibm.com/support/docview.wss?uid=swg1JR54760

Details

Source: Mitre, NVD

Published: 2016-01-01

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.8

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00255