CVE-2018-1420

medium

Description

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.

References

https://www.ibm.com/support/docview.wss?uid=swg22014276

https://exchange.xforce.ibmcloud.com/vulnerabilities/138950

http://www.securitytracker.com/id/1041767

Details

Source: Mitre, NVD

Published: 2018-10-01

Updated: 2019-10-09

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium