vulnerability

IBM WebSphere Application Server: CVE-2017-1151: Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2017-1151)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	2017-03-20	2018-04-27	2025-04-25

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

2017-03-20

Added

2018-04-27

Modified

2025-04-25

Description

IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293.

Solution(s)

ibm-was-install-8-0-0-10-pi74857ibm-was-install-8-5-5-3-pi74857ibm-was-install-9-0-0-0-pi74857ibm-was-upgrade-8-0-0-10-8-0-0-14ibm-was-upgrade-8-5-5-3-8-5-5-12ibm-was-upgrade-9-0-0-0-9-0-0-4

References

CVE-2017-1151
https://attackerkb.com/topics/CVE-2017-1151
IBM-swg21999293

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today