CVE-2015-1885 Information

Description

WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.39 8.0 before 8.0.0.11 8.5 Liberty Profile before 8.5.5.5 and 8.5 Full Profile before 8.5.5.6 when the OAuth grant type requires sending a password allows remote attackers to gain privileges via unspecified vectors.

Reference

http://www.securityfocus.com/bid/74219 http://www.securitytracker.com/id/1032190 http://www-01.ibm.com/support/docview.wss?uid=swg1PI33202 http://www-01.ibm.com/support/docview.wss?uid=swg1PI36211 http://www-01.ibm.com/support/docview.wss?uid=swg21697368 http://www-01.ibm.com/support/docview.wss?uid=swg21963275