CVE-2015-7454 Information

Description

Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2 8.0.x through 8.0.1.3 8.5.0.x through 8.5.0.2 8.5.5.x through 8.5.5.0 and 8.5.6.x through 8.5.6.2 allows remote authenticated users to bypass intended access restrictions and create an arbitrary page or space via unspecified vectors.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Reference

http://www.securityfocus.com/bid/85089 http://www.securitytracker.com/id/1035319 http://www-01.ibm.com/support/docview.wss?uid=swg1JR54678 http://www-01.ibm.com/support/docview.wss?uid=swg21972005

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

4.3