CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4963

IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before 8.0.1.3 mishandles WebSEAL HTTPTransformation requests, which allows remote attackers to read or write to arbitrary files via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.033

EPSS Ranking 86.9%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2015-4963

Ibm » Security Access Manager For Web » Version: 7.0

cpe:2.3:a:ibm:security_access_manager_for_web:7.0
Ibm » Security Access Manager For Web » Version: 7.0.0.1

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.1
Ibm » Security Access Manager For Web » Version: 7.0.0.10

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.10
Ibm » Security Access Manager For Web » Version: 7.0.0.11

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.11
Ibm » Security Access Manager For Web » Version: 7.0.0.12

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.12
Ibm » Security Access Manager For Web » Version: 7.0.0.13

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.13
Ibm » Security Access Manager For Web » Version: 7.0.0.14

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.14
Ibm » Security Access Manager For Web » Version: 7.0.0.15

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.15
Ibm » Security Access Manager For Web » Version: 7.0.0.2

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.2
Ibm » Security Access Manager For Web » Version: 7.0.0.3

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.3
Ibm » Security Access Manager For Web » Version: 7.0.0.4

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.4
Ibm » Security Access Manager For Web » Version: 7.0.0.5

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.5
Ibm » Security Access Manager For Web » Version: 7.0.0.6

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.6
Ibm » Security Access Manager For Web » Version: 7.0.0.7

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.7
Ibm » Security Access Manager For Web » Version: 7.0.0.8

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.8
Ibm » Security Access Manager For Web » Version: 7.0.0.9

cpe:2.3:a:ibm:security_access_manager_for_web:7.0.0.9
Ibm » Security Access Manager For Web » Version: 8.0

cpe:2.3:a:ibm:security_access_manager_for_web:8.0
Ibm » Security Access Manager For Web » Version: 8.0.0.2

cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.2
Ibm » Security Access Manager For Web » Version: 8.0.0.22

cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.22
Ibm » Security Access Manager For Web » Version: 8.0.0.3

cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.3
Ibm » Security Access Manager For Web » Version: 8.0.0.31

cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.31
Ibm » Security Access Manager For Web » Version: 8.0.0.4

cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.4
Ibm » Security Access Manager For Web » Version: 8.0.0.5

cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.5
Ibm » Security Access Manager For Web » Version: 8.0.1.0

cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.0
Ibm » Security Access Manager For Web » Version: 8.0.1.1

cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.1
Ibm » Security Access Manager For Web » Version: 8.0.1.2

cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4963

Products

Pricing

Contact Us