CVE-2018-1672

Published: Oct 1, 2018Modified: Nov 21, 2024

6.3

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Exploitability: 2.8 / Impact: 3.4

Source: NVD

Description

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.

Affected (79)

Products: Ibm: Websphere Portal

Ibm

1 product

Websphere Portal

Configuration A

79 vulnerable

Vulnerable Software	Affected Versions
Ibm Websphere Portal	Version 7.0.0.0
Ibm Websphere Portal	Version 7.0.0.1
Ibm Websphere Portal	Version 7.0.0.1 cf011
Ibm Websphere Portal	Version 7.0.0.1 cf012
Ibm Websphere Portal	Version 7.0.0.1 cf013
Ibm Websphere Portal	Version 7.0.0.1 cf014
Ibm Websphere Portal	Version 7.0.0.1 cf015
Ibm Websphere Portal	Version 7.0.0.1 cf016
Ibm Websphere Portal	Version 7.0.0.1 cf017
Ibm Websphere Portal	Version 7.0.0.1 cf018
Ibm Websphere Portal	Version 7.0.0.1 cf019
Ibm Websphere Portal	Version 7.0.0.1 cf020
Ibm Websphere Portal	Version 7.0.0.2
Ibm Websphere Portal	Version 7.0.0.2 cf012
Ibm Websphere Portal	Version 7.0.0.2 cf013
Ibm Websphere Portal	Version 7.0.0.2 cf014
Ibm Websphere Portal	Version 7.0.0.2 cf015
Ibm Websphere Portal	Version 7.0.0.2 cf016
Ibm Websphere Portal	Version 7.0.0.2 cf017
Ibm Websphere Portal	Version 7.0.0.2 cf018
Ibm Websphere Portal	Version 7.0.0.2 cf019
Ibm Websphere Portal	Version 7.0.0.2 cf020
Ibm Websphere Portal	Version 7.0.0.2 cf021
Ibm Websphere Portal	Version 7.0.0.2 cf022
Ibm Websphere Portal	Version 7.0.0.2 cf023
Ibm Websphere Portal	Version 7.0.0.2 cf024
Ibm Websphere Portal	Version 7.0.0.2 cf025
Ibm Websphere Portal	Version 7.0.0.2 cf026
Ibm Websphere Portal	Version 7.0.0.2 cf027
Ibm Websphere Portal	Version 7.0.0.2 cf028
Ibm Websphere Portal	Version 7.0.0.2 cf029
Ibm Websphere Portal	Version 7.0.0.2 cf030
Ibm Websphere Portal	Version 8.0.0.0
Ibm Websphere Portal	Version 8.0.0.0 cf01
Ibm Websphere Portal	Version 8.0.0.0 cf02
Ibm Websphere Portal	Version 8.0.0.0 cf03
Ibm Websphere Portal	Version 8.0.0.0 cf04
Ibm Websphere Portal	Version 8.0.0.0 cf05
Ibm Websphere Portal	Version 8.0.0.0 cf06
Ibm Websphere Portal	Version 8.0.0.1
Ibm Websphere Portal	Version 8.0.0.1 cf04
Ibm Websphere Portal	Version 8.0.0.1 cf05
Ibm Websphere Portal	Version 8.0.0.1 cf06
Ibm Websphere Portal	Version 8.0.0.1 cf07
Ibm Websphere Portal	Version 8.0.0.1 cf08
Ibm Websphere Portal	Version 8.0.0.1 cf09
Ibm Websphere Portal	Version 8.0.0.1 cf10
Ibm Websphere Portal	Version 8.0.0.1 cf11
Ibm Websphere Portal	Version 8.0.0.1 cf12
Ibm Websphere Portal	Version 8.0.0.1 cf13
Ibm Websphere Portal	Version 8.0.0.1 cf14
Ibm Websphere Portal	Version 8.0.0.1 cf15
Ibm Websphere Portal	Version 8.0.0.1 cf16
Ibm Websphere Portal	Version 8.0.0.1 cf17
Ibm Websphere Portal	Version 8.0.0.1 cf18
Ibm Websphere Portal	Version 8.0.0.1 cf19
Ibm Websphere Portal	Version 8.0.0.1 cf20
Ibm Websphere Portal	Version 8.0.0.1 cf21
Ibm Websphere Portal	Version 8.0.0.1 cf22
Ibm Websphere Portal	Version 8.0.0.1 cf23
Ibm Websphere Portal	Version 8.5.0.0
Ibm Websphere Portal	Version 8.5.0.0 cf01
Ibm Websphere Portal	Version 8.5.0.0 cf02
Ibm Websphere Portal	Version 8.5.0.0 cf03
Ibm Websphere Portal	Version 8.5.0.0 cf04
Ibm Websphere Portal	Version 8.5.0.0 cf05
Ibm Websphere Portal	Version 8.5.0.0 cf06
Ibm Websphere Portal	Version 8.5.0.0 cf07
Ibm Websphere Portal	Version 8.5.0.0 cf08
Ibm Websphere Portal	Version 8.5.0.0 cf09
Ibm Websphere Portal	Version 8.5.0.0 cf10
Ibm Websphere Portal	Version 8.5.0.0 cf11
Ibm Websphere Portal	Version 8.5.0.0 cf12
Ibm Websphere Portal	Version 8.5.0.0 cf13
Ibm Websphere Portal	Version 8.5.0.0 cf14
Ibm Websphere Portal	Version 8.5.0.0 cf15
Ibm Websphere Portal	Version 9.0.0.0
Ibm Websphere Portal	Version 9.0.0.0 cf14
Ibm Websphere Portal	Version 9.0.0.0 cf15