Vulnerability Description
IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Application Server | 7.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI67093Not Applicable
- http://www-01.ibm.com/support/docview.wss?uid=swg21990056PatchVendor Advisory
- http://www.securityfocus.com/bid/93013
- http://www.securitytracker.com/id/1036838
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI67093Not Applicable
- http://www-01.ibm.com/support/docview.wss?uid=swg21990056PatchVendor Advisory
- http://www.securityfocus.com/bid/93013
- http://www.securitytracker.com/id/1036838
FAQ
What is CVE-2016-5986?
CVE-2016-5986 is a vulnerability with a CVSS score of 7.5 (HIGH). IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote at...
How severe is CVE-2016-5986?
CVE-2016-5986 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-5986?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Application Server.