CVE-2018-1420

CVSS 5.3 MEDIUMEPSS 1.3%

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.

CVSS:3.0/A:N/AC:H/AV:N/C:N/I:H/PR:L/S:U/UI:N/E:U/RC:C/RL:O

Produtos afetados

IBM · WebSphere Portal

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://exchange.xforce.ibmcloud.com/vulnerabilities/138950 https://www.ibm.com/support/docview.wss?uid=swg22014276 http://www.securitytracker.com/id/1041767