| Vulnerability Name: | CVE-2015-1886 (CCN-101260) | ||||||||
| Assigned: | 2015-04-20 | ||||||||
| Published: | 2015-04-20 | ||||||||
| Updated: | 2016-08-04 | ||||||||
| Summary: | The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05 allows remote attackers to cause a denial of service (memory consumption) via crafted requests. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C) 5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-399 | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2015-1886 Source: AIXAPAR Type: UNKNOWN PI37356 Source: CONFIRM Type: Patch, Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21701566 Source: CCN Type: IBM Security Bulletin 1701566 Fixes available for Security Vulnerabilities in IBM WebSphere Portal (CVE-2015-1886; CVE-2015-1908) Source: BID Type: Third Party Advisory, VDB Entry 74216 Source: SECTRACK Type: Third Party Advisory, VDB Entry 1032189 Source: XF Type: UNKNOWN ibm-websphere-cve20151886-dos(101260) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||