{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-03-04T00:00:00", "descriptions": [{"lang": "en", "value": "Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote authenticated users to bypass intended access restrictions and create an arbitrary page or space via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-01T15:57:02", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"name": "1035319", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035319"}, {"name": "85089", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/85089"}, {"name": "JR54678", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972005"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2015-7454", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote authenticated users to bypass intended access restrictions and create an arbitrary page or space via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1035319", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035319"}, {"name": "85089", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85089"}, {"name": "JR54678", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972005", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972005"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:51:27.618Z"}, "title": "CVE Program Container", "references": [{"name": "1035319", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1035319"}, {"name": "85089", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/85089"}, {"name": "JR54678", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972005"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2015-7454", "datePublished": "2016-03-21T14:00:00", "dateReserved": "2015-09-29T00:00:00", "dateUpdated": "2024-08-06T07:51:27.618Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_process_server:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "07586269-73DA-4189-B0BD-95D4B0091FAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:6.1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0D43CB11-E506-4014-899E-417BDF7E0929", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:6.1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "2B0F3654-3197-4C88-A7B0-F0A7DBF9A9DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:6.1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "25634A4E-722F-4AC4-AB42-9C50FE5DD093", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "B834408E-3838-4473-806C-84A4E3AAB638", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:6.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "45F5BEC8-746C-4AF4-99B4-39298CED51A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:6.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "744AF0AC-C99F-4D83-85BE-949C3CC58C9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:6.2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "F8D07878-33BE-40B8-A6DA-BD5B2BDF6CFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "116EA95E-3845-4045-9E9D-F370D6D48A5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1278C0A9-D694-4E1A-8C58-E22995B346B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:7.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "98B87B46-4C5C-4894-A840-D5354E0519B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:7.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "18B56787-8A91-46DD-ACAB-59C8439A2815", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:7.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "68E45D5B-C0AE-41CB-BF07-B4692F0062D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_process_server:7.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "DF76BE59-BBBD-42D9-96EA-5974CC489F8F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.0.0:*:*:*:advanced:*:*:*", "matchCriteriaId": "91BDDE54-95C6-4E95-9427-D83E61355E3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.0.1:*:*:*:advanced:*:*:*", "matchCriteriaId": "8057C7D0-978D-490B-BE80-597A2CB27A77", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.0:*:*:*:advanced:*:*:*", "matchCriteriaId": "3DEBE193-CDE1-406C-9042-4085AA0EED8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.1:*:*:*:advanced:*:*:*", "matchCriteriaId": "EF781F2F-05FB-4DBD-8BC1-98A630CD375A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:7.5.1.2:*:*:*:advanced:*:*:*", "matchCriteriaId": "0F1442C9-ED96-40C5-BE20-987C928BAD9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.0.0:*:*:*:advanced:*:*:*", "matchCriteriaId": "E71AC948-9F71-403E-8035-172D5F667B54", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.0:*:*:*:advanced:*:*:*", "matchCriteriaId": "E77872E9-D66C-47FF-AA1D-7764D65997A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.1:*:*:*:advanced:*:*:*", "matchCriteriaId": "7B3D03C8-B7F4-43AF-9270-555507AAC527", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.2:*:*:*:advanced:*:*:*", "matchCriteriaId": "E69BBEFA-B321-4085-AEA1-BAE2B0B54524", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.0.1.3:*:*:*:advanced:*:*:*", "matchCriteriaId": "BE4F0900-83C3-4228-9F3B-2664C1C816F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.0.0:*:*:*:advanced:*:*:*", "matchCriteriaId": "9942841D-3E36-4159-AA5A-B534CB701B6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.0.1:*:*:*:advanced:*:*:*", "matchCriteriaId": "7A1FCB4E-DC46-4780-9017-1E8E789E785F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.0.2:*:*:*:advanced:*:*:*", "matchCriteriaId": "19B921EC-DE16-4A2B-BB29-B02A9B416470", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.5.0:*:*:*:advanced:*:*:*", "matchCriteriaId": "00DC7609-2519-4DB5-AA5E-A1CFCE0DA5A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.6.0:*:*:*:advanced:*:*:*", "matchCriteriaId": "66A4A455-A75B-4363-AC6D-DAD50287EB99", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.6.1:*:*:*:advanced:*:*:*", "matchCriteriaId": "240E404A-0420-4731-8DFE-076746B14807", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:business_process_manager:8.5.6.2:*:*:*:advanced:*:*:*", "matchCriteriaId": "66327978-D257-4ADE-8AEA-22547B0E4541", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote authenticated users to bypass intended access restrictions and create an arbitrary page or space via unspecified vectors."}, {"lang": "es", "value": "Business Space en IBM WebSphere Process Server 6.1.2.0 hasta la versi\u00f3n 7.0.0.5 y Business Process Manager Advanced 7.5.x hasta la versi\u00f3n 7.5.1.2, 8.0.x hasta la versi\u00f3n 8.0.1.3, 8.5.0.x hasta la versi\u00f3n 8.5.0.2, 8.5.5.x hasta la versi\u00f3n 8.5.5.0 y 8.5.6.x hasta la versi\u00f3n 8.5.6.2 permite a usuarios remotos autenticados eludir las restricciones destinadas al acceso y crear una p\u00e1gina o un espacio arbitrarios a trav\u00e9s de vectores no especificados."}], "id": "CVE-2015-7454", "lastModified": "2016-12-03T03:12:56.117", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-03-21T14:59:00.120", "references": [{"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678"}, {"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972005"}, {"source": "psirt@us.ibm.com", "url": "http://www.securityfocus.com/bid/85089"}, {"source": "psirt@us.ibm.com", "url": "http://www.securitytracker.com/id/1035319"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}