Vulnerabilites related to ibm - liberty
Vulnerability from fkie_nvd
Published
2015-03-18 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly support WAR applications, which allows remote attackers to obtain sensitive information via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:liberty:*:*:*:*:*:java:*:*",
"matchCriteriaId": "41097F85-5392-4340-BB75-0551B742FDB8",
"versionEndIncluding": "1.12-20150130-1059",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:bluemix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC274E23-45B5-4299-A0EC-65ABBD5EED0F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly support WAR applications, which allows remote attackers to obtain sensitive information via unspecified vectors."
},
{
"lang": "es",
"value": "La caracter\u00edstica de la superposici\u00f3n de Java en IBM Bluemix Liberty anterior a 1.13-20150209-1122 para Java no soporta correctamente las aplicaciones WAR, lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-0178",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-18T10:59:07.853",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696864"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-24 21:29
Modified
2025-04-20 01:37
Severity ?
Summary
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22009704 | Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/101522 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | http://www.securitytracker.com/id/1039695 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/132342 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22009704 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101522 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039695 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/132342 | VDB Entry, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:liberty:3.13:*:*:*:*:bluemix:*:*",
"matchCriteriaId": "A9A700C8-709B-49B9-A8F9-10B608C75387",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF."
},
{
"lang": "es",
"value": "IBM WebSphere Application Server (IBM Liberty for Java para Bluemix 3.13) podr\u00eda permitir que un atacante remoto obtenga informaci\u00f3n sensible debido a una gesti\u00f3n incorrecta de los errores por parte de MyFaces en JSF."
}
],
"id": "CVE-2017-1583",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-24T21:29:00.483",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009704"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101522"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039695"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 17:29
Modified
2024-11-21 03:22
Severity ?
Summary
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. IBM X-Force ID: 134003.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:liberty:*:*:*:*:*:bluemix:*:*",
"matchCriteriaId": "32A3F819-4B5D-4714-BDD9-D9D07FEF6AB6",
"versionEndIncluding": "3.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. IBM X-Force ID: 134003."
},
{
"lang": "es",
"value": "IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) podr\u00eda permitir que un atacante local obtenga informaci\u00f3n sensible, provocado por la gesti\u00f3n incorrecta de peticiones de aplicaci\u00f3n, lo que podr\u00eda permitir acceso sin autorizaci\u00f3n para leer un archivo. IBM X-Force ID: 134003."
}
],
"id": "CVE-2017-1681",
"lastModified": "2024-11-21T03:22:12.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T17:29:00.243",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22011863"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1040357"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22011863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1040357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134003"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-1681 (GCVE-0-2017-1681)
Vulnerability from cvelistv5
Published
2018-01-11 17:00
Modified
2024-09-16 23:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. IBM X-Force ID: 134003.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Liberty for Java for Bluemix |
Version: 3.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:39:32.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22011863"
},
{
"name": "1040357",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040357"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134003"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Liberty for Java for Bluemix",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "3.15"
}
]
}
],
"datePublic": "2018-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. IBM X-Force ID: 134003."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-09T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22011863"
},
{
"name": "1040357",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040357"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134003"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-01-08T00:00:00",
"ID": "CVE-2017-1681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Liberty for Java for Bluemix",
"version": {
"version_data": [
{
"version_value": "3.15"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. IBM X-Force ID: 134003."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22011863",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22011863"
},
{
"name": "1040357",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040357"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134003",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134003"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1681",
"datePublished": "2018-01-11T17:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T23:01:01.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1583 (GCVE-0-2017-1583)
Vulnerability from cvelistv5
Published
2017-10-24 21:00
Modified
2024-08-05 13:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Liberty for Java for Bluemix |
Version: 3.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:39:31.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009704"
},
{
"name": "101522",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101522"
},
{
"name": "1039695",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039695"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Liberty for Java for Bluemix",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": " 3.13"
}
]
}
],
"datePublic": "2017-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-01T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009704"
},
{
"name": "101522",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101522"
},
{
"name": "1039695",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039695"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1583",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Liberty for Java for Bluemix",
"version": {
"version_data": [
{
"version_value": " 3.13"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.13)could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132342"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22009704",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009704"
},
{
"name": "101522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101522"
},
{
"name": "1039695",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039695"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1583",
"datePublished": "2017-10-24T21:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:39:31.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0178 (GCVE-0-2015-0178)
Vulnerability from cvelistv5
Published
2015-03-18 10:00
Modified
2024-08-06 04:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly support WAR applications, which allows remote attackers to obtain sensitive information via unspecified vectors.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:03:10.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696864"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly support WAR applications, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-18T07:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696864"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0178",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly support WAR applications, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21696864",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21696864"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0178",
"datePublished": "2015-03-18T10:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T04:03:10.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}