CVE-2016-0389

Published on: 07/07/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:14 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Certain versions of Websphere Application Server from Ibm contain the following vulnerability:

Admin Center in IBM WebSphere Application Server (WAS) 8.5.5.2 through 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 allows remote attackers to obtain sensitive information via unspecified vectors.

  • CVE-2016-0389 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 5.3 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED LOW NONE NONE

CVSS2 Score: 5 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL NONE NONE

CVE References

Description Tags Link
IBM WebSphere Application Server Liberty CVE-2016-0389 Information Disclosure Vulnerability cve.report (archive)
text/html
URL Logo BID 91515
Security Bulletin: Information disclosure vulnerability in IBM WebSphere Application Server Liberty (CVE-2016-0389) Vendor Advisory
www-01.ibm.com
text/html
URL Logo CONFIRM www-01.ibm.com/support/docview.wss?uid=swg21982012
IBM notice: The page you requested cannot be displayed www-01.ibm.com
text/html
Inactive LinkNot Archived
URL Logo AIXAPAR PI62052

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationIbmWebsphere Application Server8.5.5.2AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.3AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.4AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.5AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.6AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.7AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.8AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.9AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.2AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.3AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.4AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.5AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.6AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.7AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.8AllAllAll
ApplicationIbmWebsphere Application Server8.5.5.9AllAllAll
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.2:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.3:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.4:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.5:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.6:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.7:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.8:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.9:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.2:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.3:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.4:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.5:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.6:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.7:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.8:*:*:*:liberty:*:*:*:
  • cpe:2.3:a:ibm:websphere_application_server:8.5.5.9:*:*:*:liberty:*:*:*: