Vulnerability Name:

CVE-2016-5986 (CCN-116556)

Assigned:2016-09-15
Published:2016-09-15
Updated:2017-07-30
Summary:IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.x before 8.0.0.13, 8.5.x before 8.5.5.11, 9.0.x before 9.0.0.2, and Liberty before 16.0.0.3 mishandles responses, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
3.2 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2016-5986

Source: AIXAPAR
Type: Not Applicable
PI67093

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21990056

Source: CCN
Type: IBM Security Bulletin T1024555 (Flex System Manager Node)
IBM Flex System Manager (FSM) is affected by multiple IBM Websphere Application Server (WAS) vulnerabilities (CVE-2016-3092, CVE-2016-5986, CVE-2016-5983 )

Source: CCN
Type: IBM Security Bulletin T1024837 (Systems Director)
IBM Systems Director Storage Control is affected by multiple IBM Websphere Application Server (WAS) vulnerabilities (CVE-2016-3092, CVE-2016-5986, CVE-2016-5983)

Source: CCN
Type: IBM Security Bulletin N1021649 (i)
IBM i Integrated Web Application Server version 8.5 is affected by multiple vulnerabilities.

Source: CCN
Type: IBM Security Bulletin N1021705 (Server Firmware, HMC and SDMC)
Vulnerabilities in IBM WebSphere Application Server affect Power Hardware Management Console (CVE-2016-0378, CVE-2016-3092 and CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin S1009974 (TS7700 virtual tape systems)
Potential Information Disclosure vulnerability in WebSphere Application Server as used by IBM Virtualization Engine TS7700 (CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1988267 (Support Assistant)
Security vulnerabilities have been identified in WebSphere Application Server shipped with IBM Support Assistant Team Server (CVE-2016-0359, CVE-2016-0378, CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1990056 (WebSphere Application Server)
Potential Information Disclosure vulnerability in WebSphere Application Server (CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1990236 (WebSphere Application Server for Bluemix)
Multiple security vulnerabilities affect IBM WebSphere Application Server for Bluemix

Source: CCN
Type: IBM Security Bulletin 1990527 (Liberty for Java for Bluemix)
Multiple security vulnerabilities affect Liberty for Java for IBM Bluemix

Source: CCN
Type: IBM Security Bulletin 1991987 (BigFix family)
Information disclosure vulnerability in IBM Websphere Application Server and IBM Websphere Application Server Liberty affects IBM BigFix Remote Control (CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1993612 (Streams)
A security vulnerability has been identified in IBM WebSphere Application Server Liberty which may impact IBM Streams (CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1994537 (Tealeaf Customer Experience)
Vulnerabilities in IBM WebSphere Application Server and IBM Java Runtime affect IBM Tealeaf Customer Experience (CVE-2016-0378, CVE-2016-3485, CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1994916 (License Metric Tool)
A security vulnerabilities has been identified in WebSphere Liberty Profile shipped with IBM License Metric Tool v9 and IBM BigFix Inventory v9

Source: CCN
Type: IBM Security Bulletin 1995118 (Security AppScan Enterprise)
Multiple vulnerabilities affect IBM Security AppScan Enterprise

Source: CCN
Type: IBM Security Bulletin 1995246 (MessageSight)
Potential Information Disclosure vulnerability in IBM MessageSight (CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1995546 (Tivoli Storage Manager Extended Edition)
Multiple security vulnerabilities in IBM WebSphere Application Server Liberty affect Tivoli Storage Manager (IBM Spectrum Protect) Operations Center (CVE-2016-0378, CVE-2016-3040, CVE-2016-3042, CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1995683 (Tivoli Monitoring V6)
Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server

Source: CCN
Type: IBM Security Bulletin 1995691 (Cognos Business Intelligence)
IBM Cognos Business Intelligence Server 2016Q4 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 1995745 (Spectrum Control Advanced Edition)
Potential Information Disclosure vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) CVE-2016-5986

Source: CCN
Type: IBM Security Bulletin 1995793 (Tivoli Storage Manager for Virtual Environments)
Vulnerabilities in IBM WebSphere Application Server affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware (CVE-2016-5986, CVE-2016-3092)

Source: CCN
Type: IBM Security Bulletin 1995924 (Watson Explorer)
Vulnerabilities exist in Watson Explorer Analytical Components, Watson Explorer Annotation Administration Console, and Watson Content Analytics

Source: CCN
Type: IBM Security Bulletin 1996032 (Tivoli Common Reporting)
IBM Tivoli Common Reporting (TCR) 2016Q4 Security Updater : TCR is affected by multiple vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 1996417 (Cognos Analytics)
IBM Cognos Analytics is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 1996503 (Tivoli Netcool/Impact)
IBM Tivoli Netcool Impact affected by Potential Information Disclosure vulnerability in WebSphere Application Server (CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1996614 (Security Privileged Identity Manager)
Multiple Security Vulnerabilities affect IBM Security Privileged Identity Manager Virtual Appliance

Source: CCN
Type: IBM Security Bulletin 1996788 (MQ Light)
Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect IBM MQ Light (CVE-2016-5986, CVE-2016-3040, CVE-2016-0378)

Source: CCN
Type: IBM Security Bulletin 1996820 (Emptoris Strategic Supply Management)
Multiple vulnerabilities in IBM Java SDK and IBM WebSphere Application Server affect IBM Emptoris Strategic Supply Management and IBM Emptoris Services Procurement

Source: CCN
Type: IBM Security Bulletin 1996950 (SPSS Analytic Server)
Vulnerability in IBM WebSphere Application Server and IBM WebSphere Application Server Liberty affects IBM SPSS Analytic Server (CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1997723 (Transformation Extender Advanced)
Two vulnerabilities in WAS Liberty affect IBM Transformation Extender Advanced and IBM Standards Processing Engine (CVE-2016-0378 and CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1998329 (Security Identity Governance and Intelligence)
A security vulnerability has been identified in WebSphere Liberty Profile shipped with IBM Secutity Identity Governance and Intelligence (CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1998463 (Sterling B2B Integrator)
Information disclosure vulnerability affects IBM Sterling B2B Integrator(CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1998590 (Tivoli Application Dependency Discovery Manager)
IBM WebSphere Application Server Liberty Profile vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2016-3092, CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 1998827 (Control Center)
Multiple vulnerabilities in IBM WebSphere affect IBM Control Center (CVE-2016-3042, CVE-2016-3040, CVE-2016-5986, CVE-2016-0378)

Source: CCN
Type: IBM Security Bulletin 1999209 (Algo One)
Vulnerabilites in IBM Algorithmics Algo One Algo Risk Application (ARA) related to IBM WebSphere Application Server Liberty

Source: CCN
Type: IBM Security Bulletin 1999614 (Security Access Manager)
IBM Security Access Manager appliances are affected by a vulnerability in IBM WebSphere Application Server (CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 2000740 (Cognos Controller)
Multiple vulnerabilities have been identified in IBM Cognos Controller

Source: CCN
Type: IBM Security Bulletin 2002049 (Security Directory Suite)
Multiple security vulnerabilities have been identified in IBM WebSphere Application Server Liberty shipped with IBM Security Directory Suite (CVE-2016-0378, CVE-2016-5983 and CVE-2016-5986)

Source: CCN
Type: IBM Security Bulletin 2013617 (Security Identity Manager)
Multiple vulnerabilities have been fixed in IBM Security Identity Manager

Source: CCN
Type: IBM Security Bulletin C1000200 (Cloud Orchestrator)
A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Cloud Orchestrator (CVE-2016-5986)

Source: BID
Type: UNKNOWN
93013

Source: CCN
Type: BID-93013
IBM WebSphere Application Server CVE-2016-5986 Information Disclosure Vulnerability

Source: SECTRACK
Type: UNKNOWN
1036838

Source: XF
Type: UNKNOWN
ibm-websphere-cve20165986-info-disc(116556)

Source: CCN
Type: IBM Security Bulletin 1991081 (eDiscovery Manager)
nformation Disclosure in tWAS and Liberty in IBM eDiscovery Manager

Source: CCN
Type: IBM Security Bulletin 1992042 (Content Collector)
Information Disclosure in tWAS and Liberty in IBM Content Collector for Email

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.22:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.23:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.24:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.25:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.27:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.29:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.31:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.32:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.33:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.34:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.35:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.36:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.37:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.38:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.39:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.41:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.0.0:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.0.1:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.0.2:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.0:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.1:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.2:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:9.0.0.0:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.22:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.23:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.24:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.25:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.27:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.29:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.31:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.32:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.33:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.34:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.35:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.36:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.37:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.38:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.39:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:7.0.0.41:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.0.0:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.0.1:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.0.2:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.0:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.1:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.2:-:liberty_profile:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:9.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:9.0.0.1:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:9.0.0.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:cognos_business_intelligence:10.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:content_collector:3.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_netcool/impact:6.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:messagesight_jms_client:1.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments:6.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments:6.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_storage_manager_for_virtual_environments:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:algo_one:5.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq_light:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_netcool/impact:6.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_netcool/impact:7.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_manager:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:messagesight:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_common_reporting:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_common_reporting:3.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_common_reporting:3.1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:license_metric_tool:9.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_analytic_server:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:control_center:6.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4.0.2:*:*:*:*:*:*:*
  • OR cpe:/h:ibm:flex_system_manager_node_7955:-:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:systems_director:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_common_reporting:3.1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_privileged_identity_manager:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_mq_light:1.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:9.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:transformation_extender:9.0:*:advanced:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:algo_one:5.1.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:emptoris:strategic_supply_management:10.0.0.0:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:8.0.1.4:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:9.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:9.0.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:control_center:6.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_privileged_identity_manager:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_analytic_server:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spss_analytic_server:3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:9.0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:emptoris:strategic_supply_management:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    ibm websphere application server 7.0
    ibm websphere application server 7.0.0.0
    ibm websphere application server 7.0.0.1
    ibm websphere application server 7.0.0.2
    ibm websphere application server 7.0.0.3
    ibm websphere application server 7.0.0.4
    ibm websphere application server 7.0.0.5
    ibm websphere application server 7.0.0.6
    ibm websphere application server 7.0.0.7
    ibm websphere application server 7.0.0.8
    ibm websphere application server 7.0.0.9
    ibm websphere application server 7.0.0.10
    ibm websphere application server 7.0.0.11
    ibm websphere application server 7.0.0.12
    ibm websphere application server 7.0.0.13
    ibm websphere application server 7.0.0.14
    ibm websphere application server 7.0.0.15
    ibm websphere application server 7.0.0.16
    ibm websphere application server 7.0.0.17
    ibm websphere application server 7.0.0.18
    ibm websphere application server 7.0.0.19
    ibm websphere application server 7.0.0.21
    ibm websphere application server 7.0.0.22
    ibm websphere application server 7.0.0.23
    ibm websphere application server 7.0.0.24
    ibm websphere application server 7.0.0.25
    ibm websphere application server 7.0.0.27
    ibm websphere application server 7.0.0.28
    ibm websphere application server 7.0.0.29
    ibm websphere application server 7.0.0.31
    ibm websphere application server 7.0.0.32
    ibm websphere application server 7.0.0.33
    ibm websphere application server 7.0.0.34
    ibm websphere application server 7.0.0.35
    ibm websphere application server 7.0.0.36
    ibm websphere application server 7.0.0.37
    ibm websphere application server 7.0.0.38
    ibm websphere application server 7.0.0.39
    ibm websphere application server 7.0.0.41
    ibm websphere application server 8.0
    ibm websphere application server 8.0.0.0
    ibm websphere application server 8.0.0.1
    ibm websphere application server 8.0.0.2
    ibm websphere application server 8.0.0.3
    ibm websphere application server 8.0.0.4
    ibm websphere application server 8.0.0.5
    ibm websphere application server 8.0.0.6
    ibm websphere application server 8.0.0.7
    ibm websphere application server 8.0.0.8
    ibm websphere application server 8.0.0.9
    ibm websphere application server 8.0.0.10
    ibm websphere application server 8.0.0.11
    ibm websphere application server 8.0.0.12
    ibm websphere application server 8.5.0.0
    ibm websphere application server 8.5.0.0 -
    ibm websphere application server 8.5.0.1 -
    ibm websphere application server 8.5.0.2 -
    ibm websphere application server 8.5.5.0 -
    ibm websphere application server 8.5.5.1 -
    ibm websphere application server 8.5.5.2 -
    ibm websphere application server 8.5.5.4
    ibm websphere application server 8.5.5.5
    ibm websphere application server 8.5.5.6
    ibm websphere application server 8.5.5.7
    ibm websphere application server 8.5.5.8
    ibm websphere application server 8.5.5.9
    ibm websphere application server 9.0.0.0
    ibm websphere application server 7.0
    ibm websphere application server 7.0.0.0
    ibm websphere application server 7.0.0.1
    ibm websphere application server 7.0.0.2
    ibm websphere application server 7.0.0.3
    ibm websphere application server 7.0.0.4
    ibm websphere application server 7.0.0.5
    ibm websphere application server 7.0.0.6
    ibm websphere application server 7.0.0.7
    ibm websphere application server 7.0.0.8
    ibm websphere application server 7.0.0.9
    ibm websphere application server 7.0.0.10
    ibm websphere application server 7.0.0.11
    ibm websphere application server 7.0.0.12
    ibm websphere application server 7.0.0.13
    ibm websphere application server 7.0.0.14
    ibm websphere application server 7.0.0.15
    ibm websphere application server 7.0.0.16
    ibm websphere application server 7.0.0.17
    ibm websphere application server 7.0.0.18
    ibm websphere application server 7.0.0.19
    ibm websphere application server 7.0.0.21
    ibm websphere application server 7.0.0.22
    ibm websphere application server 7.0.0.23
    ibm websphere application server 7.0.0.24
    ibm websphere application server 7.0.0.25
    ibm websphere application server 7.0.0.27
    ibm websphere application server 7.0.0.28
    ibm websphere application server 7.0.0.29
    ibm websphere application server 7.0.0.31
    ibm websphere application server 7.0.0.32
    ibm websphere application server 7.0.0.33
    ibm websphere application server 7.0.0.34
    ibm websphere application server 7.0.0.35
    ibm websphere application server 7.0.0.36
    ibm websphere application server 7.0.0.37
    ibm websphere application server 7.0.0.38
    ibm websphere application server 7.0.0.39
    ibm websphere application server 7.0.0.41
    ibm websphere application server 8.0
    ibm websphere application server 8.0.0.0
    ibm websphere application server 8.0.0.1
    ibm websphere application server 8.0.0.2
    ibm websphere application server 8.0.0.3
    ibm websphere application server 8.0.0.4
    ibm websphere application server 8.0.0.5
    ibm websphere application server 8.0.0.6
    ibm websphere application server 8.0.0.7
    ibm websphere application server 8.0.0.8
    ibm websphere application server 8.0.0.9
    ibm websphere application server 8.0.0.10
    ibm websphere application server 8.0.0.11
    ibm websphere application server 8.0.0.12
    ibm websphere application server 8.5.0.0
    ibm websphere application server 8.5.0.0 -
    ibm websphere application server 8.5.0.1 -
    ibm websphere application server 8.5.0.2 -
    ibm websphere application server 8.5.5.0 -
    ibm websphere application server 8.5.5.1 -
    ibm websphere application server 8.5.5.2 -
    ibm websphere application server 8.5.5.4
    ibm websphere application server 8.5.5.5
    ibm websphere application server 8.5.5.6
    ibm websphere application server 8.5.5.7
    ibm websphere application server 8.5.5.8
    ibm websphere application server 8.5.5.9
    ibm websphere application server 8.5.5.10
    ibm websphere application server 9.0.0.0
    ibm websphere application server 9.0.0.1
    ibm websphere application server 7.0
    ibm websphere application server 8.0
    ibm websphere application server 8.5
    ibm websphere application server 8.5.5
    ibm websphere application server 9.0.0.0
    ibm cognos business intelligence 10.1.1
    ibm cognos business intelligence 10.2
    ibm content collector 3.0.0.0
    ibm tivoli netcool/impact 6.1.1
    ibm cognos business intelligence 10.2.1
    ibm messagesight jms client 1.1.0.0
    ibm tivoli storage manager for virtual environments 6.3.0.0
    ibm tivoli storage manager for virtual environments 6.4
    ibm tivoli storage manager for virtual environments 7.1
    ibm i 6.1
    ibm i 7.1
    ibm i 7.2
    ibm cloud orchestrator 2.3
    ibm algo one 5.0.0
    ibm websphere mq light 1.0
    ibm tivoli netcool/impact 6.1.1
    ibm tivoli netcool/impact 7.1.0
    ibm cognos business intelligence 10.2.2
    ibm security identity manager 7.0
    ibm messagesight 1.2
    ibm cloud orchestrator 2.4
    ibm tivoli common reporting 3.1
    ibm tivoli common reporting 3.1.0.1
    ibm tivoli common reporting 3.1.0.2
    ibm tivoli monitoring 6.2.2
    ibm tivoli monitoring 6.2.3
    ibm tivoli monitoring 6.3.0
    ibm tivoli monitoring 6.2.3.1
    ibm tivoli monitoring 6.2.3.2
    ibm tivoli monitoring 6.2.3.3
    ibm tivoli monitoring 6.2.3.4
    ibm tivoli monitoring 6.2.3.5
    ibm tivoli monitoring 6.3.0
    ibm tivoli monitoring 6.3.0.1
    ibm tivoli monitoring 6.3.0.2
    ibm tivoli monitoring 6.3.0.3
    ibm tivoli monitoring 6.3.0.4
    ibm cognos controller 10.2.1
    ibm cognos controller 10.2.0
    ibm license metric tool 9.2.0
    ibm spss analytic server 2.0.0
    ibm control center 6.0.0.1
    ibm cloud orchestrator 2.3.0.1
    ibm cloud orchestrator 2.4.0.1
    ibm cloud orchestrator 2.4.0.2
    ibm flex system manager node 7955 -
    ibm systems director 1.2.2
    ibm tivoli common reporting 3.1.2.1
    ibm security privileged identity manager 2.0.2
    ibm cloud orchestrator 2.5
    ibm cognos analytics 11.0.0.0
    ibm websphere mq light 1.0
    ibm security access manager 9.0.0.1
    ibm transformation extender advanced 9.0
    ibm sterling b2b integrator 5.2.6
    ibm algo one 5.1.0
    ibm i 7.3
    ibm security identity governance and intelligence 5.2.1
    ibm emptoris strategic_supply_management 10.0.0.0
    ibm cloud orchestrator 2.4.0.3
    ibm tivoli monitoring 6.3.0.5
    ibm tivoli monitoring 6.3.0.6
    ibm tivoli monitoring 6.2.2.2
    ibm tivoli monitoring 6.2.2.3
    ibm tivoli monitoring 6.2.2.4
    ibm tivoli monitoring 6.2.2.5
    ibm tivoli monitoring 6.2.2.6
    ibm tivoli monitoring 6.2.2.7
    ibm tivoli monitoring 6.2.2.8
    ibm tivoli monitoring 6.2.2.9
    ibm security access manager 8.0.0
    ibm security access manager 8.0.0.1
    ibm security access manager 8.0.0.2
    ibm security access manager 8.0.0.3
    ibm security access manager 8.0.0.4
    ibm security access manager 8.0.0.5
    ibm security access manager 8.0.1
    ibm security access manager 8.0.1.2
    ibm security access manager 8.0.1.3
    ibm security access manager 8.0.1.4
    ibm security access manager 9.0.0
    ibm security access manager 9.0.1.0
    ibm tivoli monitoring 6.3.0.7
    ibm control center 6.1.0.1
    ibm security privileged identity manager 2.1.0
    ibm spss analytic server 2.1.0
    ibm spss analytic server 3.0.0
    ibm cognos analytics 11.0.0.0
    ibm security access manager 9.0.2.0
    ibm emptoris strategic_supply_management