Vulnerability Description
IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, and 8.5 before 8.5.5.6 allows remote attackers to execute arbitrary code by sending crafted instructions in a management-port session.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Application Server | 6.1 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI38302Not Applicable
- http://www-01.ibm.com/support/docview.wss?uid=swg21883573PatchVendor Advisory
- http://www.securityfocus.com/bid/74439Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032249Third Party AdvisoryVDB Entry
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI38302Not Applicable
- http://www-01.ibm.com/support/docview.wss?uid=swg21883573PatchVendor Advisory
- http://www.securityfocus.com/bid/74439Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032249Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-1920?
CVE-2015-1920 is a vulnerability with a CVSS score of 10.0 (HIGH). IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, and 8.5 before 8.5.5.6 allows remote attackers to execute arbitrary code by sending crafted instr...
How severe is CVE-2015-1920?
CVE-2015-1920 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-1920?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Application Server.