Improper Account-Lockout Settings in IBM WebSphere eXtreme Scale
CVE-2015-2030

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Extreme Scale
Vendor: CVE Published:; 4 October 2015

Summary

IBM WebSphere eXtreme Scale versions 7.1.0 prior to 7.1.0.3 and 7.1.1 prior to 7.1.1.1 feature an improper account-lockout mechanism. This flaw can be exploited by remote attackers to initiate brute-force attacks more easily, potentially compromising user accounts and sensitive data. It is crucial for users of these versions to implement appropriate security measures and apply patches to mitigate this risk.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21966044

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Oct 4, 2015
Vulnerability Reserved
Feb 19, 2015