IBM WebSphere Application Server Privilege Escalation Vulnerability (CVE-2015-0175)

IBM WebSphere Application Server Privilege Escalation Vulnerability (CVE-2015-0175)
IBM WebSphere Application Server Privilege Escalation Vulnerability (CVE-2015-0175)

Release date:
Updated on:

Affected Systems:

IBM Websphere Application Server <8.5.5.5

Description:

Bugtraq id: 74223
CVE (CAN) ID: CVE-2015-0175

WebSphere is an integrated software platform for IBM. It includes on-demand Web applications that write, run, and monitor around the clock industrial strength and the entire middleware infrastructure required for cross-platform and cross-product solutions.

The IBM WebSphere Application Server (WAS) does not correctly implement the authData element. Remote attackers can exploit this vulnerability to gain elevated privileges on the system.

<* Source: IBM ([email protected])
*>

Suggestion:

Vendor patch:

IBM
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www-01.ibm.com/support/docview.wss? Uid = swg21697368
Http://www-01.ibm.com/support/docview.wss? Uid = swg1PI33008

This article permanently updates the link address: