← back
CVE-2015-1885

CVE-2015-1885

EPSS 3.4%
WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, 8.5 Liberty Profile before 8.5.5.5, and 8.5 Full Profile before 8.5.5.6, when the OAuth grant type requires sending a password, allows remote attackers to gain privileges via unspecified vectors.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www-01.ibm.com/support/docview.wss?uid=swg1PI33202http://www-01.ibm.com/support/docview.wss?uid=swg1PI36211http://www-01.ibm.com/support/docview.wss?uid=swg21697368http://www-01.ibm.com/support/docview.wss?uid=swg21963275http://www.securityfocus.com/bid/74219http://www.securitytracker.com/id/1032190