Main Vulnerability Database Vulnerabilities #VU40807

Resource management error in WebSphere Portal - CVE-2015-1886

Published: April 27, 2015 / Updated: August 9, 2020

Vulnerability identifier: #VU40807

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2015-1886

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: IBM Corporation

Affected software:
WebSphere Portal

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.

How to mitigate CVE-2015-1886

Install update from vendor's website.

Resource management error in WebSphere Portal - CVE-2015-1886

Detailed vulnerability description

How to mitigate CVE-2015-1886

Sources

Please verify you're human