CVE-2015-7418 — MEDIUM (4.4)

Vulnerability Description

IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwritten which could allow a local user with administrator privileges to obtain sensitive information.

CVSS Score

4.4

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Ibm	Websphere Extreme Scale	7.1.0

Related Weaknesses (CWE)

CWE-200

References

http://www.ibm.com/support/docview.wss?uid=swg21971657PatchVendor Advisory
http://www.securityfocus.com/bid/83634Third Party AdvisoryVDB Entry
http://www.ibm.com/support/docview.wss?uid=swg21971657PatchVendor Advisory
http://www.securityfocus.com/bid/83634Third Party AdvisoryVDB Entry

FAQ

What is CVE-2015-7418?

CVE-2015-7418 is a vulnerability with a CVSS score of 4.4 (MEDIUM). IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwritten which could allow a local user with administrator priv...

How severe is CVE-2015-7418?

CVE-2015-7418 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7418?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Extreme Scale.