CVE-2016-8919 - IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serial

CVE-2016-8919

Summary

IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources.

References

Vulnerable Configurations

cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_application_server:8.5.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_application_server:8.5.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 13-02-2017 - 22:20)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	95650
confirm	http://www.ibm.com/support/docview.wss?uid=swg21993797
sectrack	1037710

Last major update

13-02-2017 - 22:20

Published

01-02-2017 - 22:59

Last modified

13-02-2017 - 22:20