What is the severity of CVE-2015-0175?

CVE-2015-0175 is rated as a moderate severity vulnerability due to potential privilege escalation by authenticated users.

How do I fix CVE-2015-0175?

To fix CVE-2015-0175, you should upgrade IBM WebSphere Application Server to version 8.5.5.5 or later.

Who is affected by CVE-2015-0175?

CVE-2015-0175 affects users of IBM WebSphere Application Server versions 8.5.0.0 through 8.5.5.4.

What impact does CVE-2015-0175 have on the system?

CVE-2015-0175 allows unauthorized privilege escalation, potentially enabling users to perform actions beyond their intended access rights.

When was CVE-2015-0175 disclosed?

CVE-2015-0175 was disclosed in January 2015, alongside the release of the related patch.

Vulnerability/
CVE-2015-0175

medium

5.5

CWE

264

26/4/2015

6/8/2024

CVE-2015-0175

First published: Sun Apr 26 2015(Updated: )

IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly implement authData elements, which allows remote authenticated users to gain privileges via unspecified vectors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Application Server Feature Pack for Web Services	=8.5.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=8.5.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=8.5.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=8.5.5.0
IBM WebSphere Application Server Feature Pack for Web Services	=8.5.5.1
IBM WebSphere Application Server Feature Pack for Web Services	=8.5.5.2
IBM WebSphere Application Server Feature Pack for Web Services	=8.5.5.3
IBM WebSphere Application Server Feature Pack for Web Services	=8.5.5.4

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg21697368

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-0175?
CVE-2015-0175 is rated as a moderate severity vulnerability due to potential privilege escalation by authenticated users.
How do I fix CVE-2015-0175?
To fix CVE-2015-0175, you should upgrade IBM WebSphere Application Server to version 8.5.5.5 or later.
Who is affected by CVE-2015-0175?
CVE-2015-0175 affects users of IBM WebSphere Application Server versions 8.5.0.0 through 8.5.5.4.
What impact does CVE-2015-0175 have on the system?
CVE-2015-0175 allows unauthorized privilege escalation, potentially enabling users to perform actions beyond their intended access rights.
When was CVE-2015-0175 disclosed?
CVE-2015-0175 was disclosed in January 2015, alongside the release of the related patch.

agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/remedy
agent/last-modified-date
agent/author
agent/severity
agent/references
agent/first-publish-date
agent/description
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm websphere application server feature pack for web services
version/ibm websphere application server feature pack for web services/8.5.0.0
version/ibm websphere application server feature pack for web services/8.5.0.1
version/ibm websphere application server feature pack for web services/8.5.0.2
version/ibm websphere application server feature pack for web services/8.5.5.0
version/ibm websphere application server feature pack for web services/8.5.5.1
version/ibm websphere application server feature pack for web services/8.5.5.2
version/ibm websphere application server feature pack for web services/8.5.5.3
version/ibm websphere application server feature pack for web services/8.5.5.4