CVE-2015-1882 in WebSphere Application Serverinfo

Summary

Multiple race conditions in IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 allow remote authenticated users to gain privileges by leveraging thread conflicts that result in Java code execution outside the context of the configured EJB Run-as user.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

02/19/2015

Disclosure

04/27/2015

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
75099IBM WebSphere Application Server Run-as EJB race condition362Not definedOfficial fixCVE-2015-1882

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!