Main Vulnerability Database Vulnerabilities #VU40571

Resource management error in WebSphere Portal - CVE-2015-5001

Published: December 21, 2015 / Updated: August 9, 2020

Vulnerability identifier: #VU40571

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2015-5001

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: IBM Corporation

Affected software:
WebSphere Portal

Detailed vulnerability description

The vulnerability allows a remote authenticated user to perform service disruption.

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a denial of service (memory consumption) via a crafted document.

How to mitigate CVE-2015-5001

Install update from vendor's website.

Sources

http://www.securitytracker.com/id/1034284
http://www-01.ibm.com/support/docview.wss?uid=swg1PI49540
http://www-01.ibm.com/support/docview.wss?uid=swg21970176

Resource management error in WebSphere Portal - CVE-2015-5001

Detailed vulnerability description

How to mitigate CVE-2015-5001

Sources

Please verify you're human