Vulnerability Name:

CVE-2015-4947 (CCN-104912)

Assigned: 2015-09-02
Published: 2015-09-02
Updated: 2019-02-12
Summary: Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x through 6.1.0.47, 7.0.0.x before 7.0.0.39, 8.0.0.x before 8.0.0.12, and 8.5.x before 8.5.5.7, as used in WebSphere Application Server and other products, allows remote authenticated users to execute arbitrary code via unspecified vectors.
CVSS v3 Severity: 7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 9.0 High (CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
7.1 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Type: CWE-119
Vulnerability Consequences: Gain Access
References: Source: MITRE
Type: CNA
CVE-2015-4947

Source: AIXAPAR
Type: Vendor Advisory
PI44793

Source: AIXAPAR
Type: Vendor Advisory
PI45596

Source: CONFIRM
Type: Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21965419

Source: CCN
Type: IBM Security Bulletin 1965419
Stack Buffer overflow may affect IBM HTTP Server (CVE-2015-4947)

Source: CCN
Type: IBM Security Bulletin 1969062
Multiple vulnerabilities have been identified in the IBM HTTP Server bundled with IBM Domino 9.0.0x & 9.0.1x (CVE-2015-1283, CVE-2015-3183, CVE-2015-4947)

Source: CCN
Type: IBM Security Bulletin 1970056
IBM Tivoli Monitoring (CVE-2015-1829, CVE-2015-3183, CVE-2015-1283, CVE-2015-4947, CVE-2015-2808)

Source: CCN
Type: IBM Security Bulletin 1972470
Multiple vulnerabilities in IBM HTTP Server (IHS) affect IBM Security SiteProtector System (CVE-2015-1283, CVE-2015-3183 and CVE-2015-4947)

Source: CCN
Type: IBM Security Bulletin 1973795
Multiple vulnerabilities in IBM HTTP Server affect IBM API Management (CVE-2015-4947, CVE-2015-1283, CVE-2015-1788)

Source: CCN
Type: IBM Security Bulletin C1000112 (Cloud Orchestrator)
Multiple vulnerabilities have been identified in IBM Business Process Manager, and bundled products shipped with IBM Cloud Orchestrator and Cloud Orchestrator Enterprise

Source: BID
Type: Third Party Advisory, VDB Entry
76658

Source: CCN
Type: BID-76658
IBM HTTP Server CVE-2015-4947 Stack Buffer Overflow Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1033512

Source: XF
Type: UNKNOWN
ibm-http-cve20154947-code-exec(104912)

Vulnerable Configuration: Configuration 1:
  • cpe:/a:ibm:http_server:*:*:*:*:*:*:*:* (Version >= 6.1.0.0 and <= 6.1.0.47)
  • OR cpe:/a:ibm:http_server:*:*:*:*:*:*:*:* (Version >= 7.0.0.0 and < 7.0.0.39)
  • OR cpe:/a:ibm:http_server:*:*:*:*:*:*:*:* (Version >= 8.0.0.0 and < 8.0.0.12)
  • OR cpe:/a:ibm:http_server:*:*:*:*:*:*:*:* (Version >= 8.5.0.0 and < 8.5.5.7)

Configuration CCN 1:
  • cpe:/a:ibm:http_server:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:7.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:8.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:8.5.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:8.5.5.6:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:api_management:3.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_siteprotector_system:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_siteprotector_system:3.1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_management:4.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.5:*:*:*:*:*:*:*
