CVE-2015-7441
6.8
Vector
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Exploitability: 1.6 / Impact: 5.2
Source: NVD
Description
Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.2 does not properly use SSL for its HTTPS connection, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
Affected (54)
Products: Ibm: Business Process Manager, Websphere Process Server
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.5.0.0 | |
| Version 7.0 |
Related CWEs
References (8)
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.