CVE-2017-1501

medium

Description

IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings. IBM X-Force ID: 129576.

References

http://www.ibm.com/support/docview.wss?uid=swg22006810

http://www.securityfocus.com/bid/100394

http://www.securitytracker.com/id/1039199

https://exchange.xforce.ibmcloud.com/vulnerabilities/129576

Details

Source: MITRE

Published: 2017-08-18

Updated: 2017-08-24

Type: CWE-200

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM