Memory Vulnerability in IBM WebSphere eXtreme Scale and DataPower XC10 Appliance
CVE-2015-7418
4.4MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 8 February 2017
Summary
IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance have a memory management issue where sensitive data may not be properly overwritten. This flaw could allow an authenticated local user with administrative privileges to potentially access sensitive information, posing a risk to data privacy and integrity.
Affected Version(s)
WebSphere DataPower XC10 Appliance 1.0
WebSphere DataPower XC10 Appliance 2.0
WebSphere DataPower XC10 Appliance 2.1
References
CVSS V3.1
Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved