What is CVE-2015-7490?

CVE-2015-7490 is a low-severity vulnerability in Ibm Infosphere_information_server, classified under Improper Access Control. CVSS score: 3.1/10. Published 2016-03-03.

How severe is CVE-2015-7490?

Low severity. CVSS v3 base score is 3.1 out of 10.

Vulnerability in Ibm Infosphere_information_server

CVE-2015-7490

IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to bypass intended access restrictions via a modified cookie.

EPSS: 0.001 (31.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.1 (Low). Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Ibm Infosphere_information_server — versions 8.5, 8.5.0.1, 8.5.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

1035125 (vdb-entry, x_refsource_SECTRACK)
JR54787 (vendor-advisory, x_refsource_AIXAPAR, Vendor Advisory)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2015-7490?: CVE-2015-7490 is a low-severity vulnerability in Ibm Infosphere_information_server, classified under Improper Access Control. CVSS score: 3.1/10. Published 2016-03-03.
How severe is CVE-2015-7490?: Low severity. CVSS v3 base score is 3.1 out of 10.