Vulnerability Details : CVE-2016-0389
Admin Center in IBM WebSphere Application Server (WAS) 8.5.5.2 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 allows remote attackers to obtain sensitive information via unspecified vectors.
Products affected by CVE-2016-0389
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.4:*:*:*:liberty:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.3:*:*:*:liberty:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.2:*:*:*:liberty:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.8:*:*:*:liberty:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.7:*:*:*:liberty:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.6:*:*:*:liberty:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.5:*:*:*:liberty:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.9:*:*:*:liberty:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-0389
0.23%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 42 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-0389
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
5.3
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.9
|
1.4
|
NIST |
CWE ids for CVE-2016-0389
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-0389
-
http://www-01.ibm.com/support/docview.wss?uid=swg1PI62052
IBM notice: The page you requested cannot be displayed
-
http://www.securityfocus.com/bid/91515
IBM WebSphere Application Server Liberty CVE-2016-0389 Information Disclosure Vulnerability
-
http://www-01.ibm.com/support/docview.wss?uid=swg21982012
IBM Security Bulletin: Information disclosure vulnerability in IBM WebSphere Application Server Liberty (CVE-2016-0389)Vendor Advisory
Jump to