vulnerability
IBM WebSphere Application Server: CVE-2016-0385: Bypass security restrictions in WebSphere Application Server (CVE-2016-0385)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:P/I:N/A:N) | Sep 1, 2016 | Apr 27, 2018 | Aug 11, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:P/I:N/A:N)
Published
Sep 1, 2016
Added
Apr 27, 2018
Modified
Aug 11, 2025
Description
Buffer overflow in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.10, 9.0 before 9.0.0.1, and Liberty before 16.0.0.3, when HttpSessionIdReuse is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors.
Solutions
ibm-was-install-7-0-0-0-pi60026ibm-was-install-8-0-0-0-pi60026ibm-was-install-8-5-0-0-pi60026ibm-was-install-8-5-pi60026-libertyibm-was-install-9-0-0-0-pi60026ibm-was-upgrade-7-0-0-0-7-0-0-43ibm-was-upgrade-8-0-0-0-8-0-0-13ibm-was-upgrade-8-5-0-0-8-5-5-10ibm-was-upgrade-8-5-16-0-0-3-libertyibm-was-upgrade-9-0-0-0-9-0-0-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.