{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-06-30T00:00:00", "descriptions": [{"lang": "en", "value": "IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0, does not properly implement user roles, which allows local users to gain privileges via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"name": "PI35180", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI35180"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959083"}, {"name": "75496", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/75496"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2015-1946", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0, does not properly implement user roles, which allows local users to gain privileges via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "PI35180", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI35180"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21959083", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959083"}, {"name": "75496", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75496"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:02:41.811Z"}, "title": "CVE Program Container", "references": [{"name": "PI35180", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI35180"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959083"}, {"name": "75496", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/75496"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2015-1946", "datePublished": "2015-07-14T17:00:00", "dateReserved": "2015-02-19T00:00:00", "dateUpdated": "2024-08-06T05:02:41.811Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "B0905C80-A1BA-49CD-90CA-9270ECC3940C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF1667C5-D19B-469C-82D5-8406B6D75EDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1FD8F9CE-4E98-4187-B84A-429FA1C65E2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FC1D7570-4AB4-44B0-B5ED-D103F0946F63", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9E709E36-B5D0-42E5-A305-AF385FD7F347", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "49506702-1B31-4421-8DEE-5B789272EC6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "158777FD-83D1-44B9-83B4-A3F490CA76F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDA2FE6B-6E42-4E97-B803-DAB671D30FF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "72F5A562-5B2E-4BC7-8A81-EFE5ED265803", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "168E2F18-56C6-4789-BBAC-C99D4792046F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "B53EBD40-8E1A-4516-927D-ED1CF212B211", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC95AD4F-9A31-46EB-9B69-D2143AAACB40", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B812D190-1946-42DA-B40A-C9F2C623D2C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "58A4313D-8666-4F9D-AFE4-22D51F9ABAF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "395CFBE6-C129-4A30-8C61-4F02A1672ABF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "A7B691E4-0062-4541-A826-E8DEAC71BC84", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "51F81483-22B2-4B3A-BB7F-6B2CEAFD3DC9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0, does not properly implement user roles, which allows local users to gain privileges via unspecified vectors."}, {"lang": "es", "value": "WebSphere Application Server (WAS) 8.5 anteriores a 8.5.5.6 y WebSphere Virtual Enterprise 7.0 anteriores a 7.0.0.6 para WebSphere Application Server (WAS) 7.0 y 8.0, no tienen los roles de usuarios correctamente implementados lo que permite a un usuario local obtener privilegios a trav\u00e9s de vectores no especificados."}], "id": "CVE-2015-1946", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-07-14T17:59:02.323", "references": [{"source": "[email protected]", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI35180"}, {"source": "[email protected]", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959083"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/75496"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI35180"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959083"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/75496"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "[email protected]", "type": "Primary"}]}

{}