Ibm

Websphere Extreme Scale

23 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.05%
  • Veröffentlicht 02.07.2016 14:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.

  • EPSS 2.14%
  • Veröffentlicht 02.07.2016 14:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks vi...

  • EPSS 0.95%
  • Veröffentlicht 04.10.2015 02:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

  • EPSS 1.4%
  • Veröffentlicht 04.10.2015 02:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 has an improper account-lockout setting, which makes it easier for remote attackers to obtain access via a brute-force attack.

  • EPSS 1.21%
  • Veröffentlicht 04.10.2015 02:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier.

  • EPSS 1.21%
  • Veröffentlicht 04.10.2015 02:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

  • EPSS 0.5%
  • Veröffentlicht 04.10.2015 02:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 improperly performs logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

  • EPSS 0.54%
  • Veröffentlicht 04.10.2015 02:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

  • EPSS 1.23%
  • Veröffentlicht 04.10.2015 02:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission with...

  • EPSS 1.24%
  • Veröffentlicht 03.08.2015 19:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through 8.6.0.8 allows remote attackers to cause a denial of service via unknown vectors.