Description
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to bypass authentication and gain unauthorized access to JAX-WS applications.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
Affected products
- ibm / websphere_application_server8.5 – 8.5
- ibm / websphere_application_server8.5.0 – 8.5.0
- ibm / websphere_application_server9.0 – 9.0
- ibm / websphere_application_server9.0.0 – 9.0.0