Unrated severityNVD Advisory· Published Jul 14, 2015· Updated May 6, 2026
CVE-2015-1946
CVE-2015-1946
Description
IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0, does not properly implement user roles, which allows local users to gain privileges via unspecified vectors.
Affected products
17cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_application_server:8.5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_virtual_enterprise:7.0.0.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www-01.ibm.com/support/docview.wssnvd
- www.securityfocus.com/bid/75496nvd
News mentions
0No linked articles in our index yet.