1. Home
  2. CVE Database
  3. CVE-2015-7472
HIGH · 7.2

CVE-2015-7472

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote attackers to conduct LDAP inject...

Vulnerability Description

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote attackers to conduct LDAP injection attacks, and consequently read or write to repository data, via unspecified vectors.

CVSS Score

7.2

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
IbmWebsphere Portal6.1.0.0

References

FAQ

What is CVE-2015-7472?

CVE-2015-7472 is a vulnerability with a CVSS score of 7.2 (HIGH). IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote attackers to conduct LDAP inject...

How severe is CVE-2015-7472?

CVE-2015-7472 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7472?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Portal.