CVE-2014-4767 Information

Description

IBM WebSphere Application Server (WAS) Liberty Profile 8.5.x before 8.5.5.3 does not properly use the Liberty Repository for feature installation which allows remote authenticated users to execute arbitrary code via unspecified vectors.

Reference

http://www.securityfocus.com/bid/69297 http://www-01.ibm.com/support/docview.wss?uid=swg1PI21284 http://www-01.ibm.com/support/docview.wss?uid=swg21681249 https://exchange.xforce.ibmcloud.com/vulnerabilities/94832