Ibm

Websphere Application Server

435 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2013-5414

  • EPSS 0.16%
  • Veröffentlicht 18.11.2013 05:23:57
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The migration functionality in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 does not properly support the distinction between the admin role and the adminsecmanager role, which allows remote a...

4.3

CVE-2013-5417

  • EPSS 0.27%
  • Veröffentlicht 18.11.2013 05:23:57
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web script or HTML via HTTP response data.

3.5

CVE-2013-5418

  • EPSS 0.16%
  • Veröffentlicht 18.11.2013 05:23:57
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML ...

4.3

CVE-2013-0596

  • EPSS 0.27%
  • Veröffentlicht 20.09.2013 21:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2013-4052

  • EPSS 0.27%
  • Veröffentlicht 20.09.2013 21:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the UDDI Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web...

6.8

CVE-2013-4053

  • EPSS 0.4%
  • Veröffentlicht 20.09.2013 21:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured...

4.3

CVE-2013-2967

  • EPSS 0.21%
  • Veröffentlicht 21.08.2013 21:55:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 allows remote attackers to inject arbitrary web scri...

1.9

CVE-2013-2976

  • EPSS 0.05%
  • Veröffentlicht 21.08.2013 21:55:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via ...

6.8

CVE-2013-3029

  • EPSS 0.12%
  • Veröffentlicht 21.08.2013 21:55:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote attackers to hijack the authent...

3.5

CVE-2013-4004

  • EPSS 0.16%
  • Veröffentlicht 21.08.2013 21:55:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 before 8.0.0.7 and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vector...