CVE-2016-5954

MEDIUM

IBM WebSphere Portal <8.5.0 - DoS

Title source: llm
STIX 2.1

Description

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF30, 8.0.0 through 8.0.0.1 CF21, and 8.5.0 before CF12 allows remote authenticated users to cause a denial of service by uploading temporary files.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/93017
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036762
Not Applicable vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PI67037
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21989993

Scores

CVSS v3 6.5
EPSS 0.0131
EPSS Percentile 67.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-284
Status published
Products (17)
ibm/websphere_portal 6.1.0.0
ibm/websphere_portal 6.1.0.1
ibm/websphere_portal 6.1.0.2
ibm/websphere_portal 6.1.0.3
ibm/websphere_portal 6.1.0.4
ibm/websphere_portal 6.1.0.5
ibm/websphere_portal 6.1.0.6
ibm/websphere_portal 6.1.5.0
ibm/websphere_portal 6.1.5.1
ibm/websphere_portal 6.1.5.2
... and 7 more
Published Sep 12, 2016
Tracked Since Feb 18, 2026