Main Vulnerability Database Vulnerabilities #VU40650

Resource management error in WebSphere Portal - CVE-2015-1943

Published: September 15, 2015 / Updated: August 9, 2020

Vulnerability identifier: #VU40650

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2015-1943

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: IBM Corporation

Affected software:
WebSphere Portal

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.

How to mitigate CVE-2015-1943

Install update from vendor's website.

Sources

http://www.securitytracker.com/id/1033444
http://www-01.ibm.com/support/docview.wss?uid=swg1PI39617
http://www-01.ibm.com/support/docview.wss?uid=swg21962567

Resource management error in WebSphere Portal - CVE-2015-1943

Detailed vulnerability description

How to mitigate CVE-2015-1943

Sources

Please verify you're human