Vulnerability Description
Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote authenticated users to bypass intended access restrictions and create an arbitrary page or space via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Process Server | 6.1.2 |
| Ibm | Business Process Manager | 7.5.0.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678
- http://www-01.ibm.com/support/docview.wss?uid=swg21972005PatchVendor Advisory
- http://www.securityfocus.com/bid/85089
- http://www.securitytracker.com/id/1035319
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678
- http://www-01.ibm.com/support/docview.wss?uid=swg21972005PatchVendor Advisory
- http://www.securityfocus.com/bid/85089
- http://www.securitytracker.com/id/1035319
FAQ
What is CVE-2015-7454?
CVE-2015-7454 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5....
How severe is CVE-2015-7454?
CVE-2015-7454 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-7454?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Process Server, Ibm Business Process Manager.