CVE-2015-5001

MEDIUM

IBM Websphere Portal - Resource Management Error

Title source: rule

Description

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a denial of service (memory consumption) via a crafted document.

References (3)

[Various Sources] http://www-01.ibm.com/support/docview.wss?uid=swg1PI49540

[Various Sources] http://www-01.ibm.com/support/docview.wss?uid=swg21970176

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1034284

Scores

CVSS v3 4.3

EPSS 0.0065

EPSS Percentile 70.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-399

Status draft

Affected Products (17)

ibm/websphere_portal

... and 2 more

Timeline

Published Dec 21, 2015

Tracked Since Feb 18, 2026