CVE-2015-1946 - Pisolitic Boang

Description

IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6 and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0 does not properly implement user roles which allows local users to gain privileges via unspecified vectors.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21959083 http://www-01.ibm.com/support/docview.wss?uid=swg1PI35180 http://www.securityfocus.com/bid/75496