Vulnerability Description
Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.2 does not properly use SSL for its HTTPS connection, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Business Process Manager | 7.5.0.0 |
| Ibm | Websphere Process Server | 7.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR54760Vendor Advisory
- http://www.securitytracker.com/id/1034531
- http://www.securitytracker.com/id/1034532
- https://www-01.ibm.com/support/docview.wss?uid=swg21971968
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR54760Vendor Advisory
- http://www.securitytracker.com/id/1034531
- http://www.securitytracker.com/id/1034532
- https://www-01.ibm.com/support/docview.wss?uid=swg21971968
FAQ
What is CVE-2015-7441?
CVE-2015-7441 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Remote Artifact Loader (RAL) in IBM WebSphere Process Server 7 and Business Process Manager Advanced 7.5 through 7.5.1.2, 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.2, 8.5.5 through 8.5.5.0, and 8.5.6 t...
How severe is CVE-2015-7441?
CVE-2015-7441 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-7441?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Business Process Manager, Ibm Websphere Process Server.