8.5.0.0

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

ibm

CWE-399

nessus

NVD

Published: 2015-11-14

Updated: 2019-02-13

Summary

IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Websphere Portal 8.0.0.1 IBM Websphere Portal 8.5.0.0	25

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	CGI abuses
NASL id	WEBSPHERE_PORTAL_CVE-2015-7419.NASL
description	The version of IBM WebSphere Portal installed on the Windows remote host is affected by an unspecified flaw. An unauthenticated, remote attacker can exploit this, via a crafted request, to cause excessive memory consumption, resulting in a denial of service. No other details are available. Note that hosts with Cumulative Fixes for WebSphere Portal 8.0.0.1 prior to CF13 are not affected.
last seen	2020-06-01
modified	2020-06-02
plugin id	86997
published	2015-11-20
reporter	This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/86997
title	IBM WebSphere Portal Unspecified DoS (PI50952)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References