Ibm

Websphere Application Server

443 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2019-4080

  • EPSS 1.53%
  • Veröffentlicht 02.04.2019 14:29:01
  • Zuletzt bearbeitet 21.11.2024 04:43:08

IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. A remote attacker could exploit this to consume all available CPU resources. IBM X-Force ID: 1...

7.5

CVE-2019-4046

  • EPSS 1.11%
  • Veröffentlicht 25.03.2019 19:29:02
  • Zuletzt bearbeitet 21.11.2024 04:43:04

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. A remote attacker could exploit this vulnerability to cause the consumption of Memory. IBM X-Force ID: 15624...

4.3

CVE-2018-1902

  • EPSS 0.26%
  • Veröffentlicht 11.03.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:34

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. IBM X-Force ID: 152531.

5.4

CVE-2019-4030

  • EPSS 0.24%
  • Veröffentlicht 06.03.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:43:03

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosur...

5.3

CVE-2018-1996

  • EPSS 0.09%
  • Veröffentlicht 19.02.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:42

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration. A remote attacker could exploit this vulnerability to obtain sensitive information using man in the middle ...

8.8

CVE-2018-1901

  • EPSS 0.74%
  • Veröffentlicht 12.12.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 04:00:34

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to temporarily gain elevated privileges on the system, caused by incorrect cached value being used. IBM X-Force ID: 152530.

8.8

CVE-2018-1926

  • EPSS 0.17%
  • Veröffentlicht 12.12.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 04:00:36

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious URL, a remote attacker could send a spe...

9.8

CVE-2018-1904

  • EPSS 0.78%
  • Veröffentlicht 11.12.2018 16:29:02
  • Zuletzt bearbeitet 21.11.2024 04:00:34

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. IBM X-Force ID: 152533.

5.5

CVE-2018-1957

  • EPSS 0.07%
  • Veröffentlicht 10.12.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 04:00:39

IBM WebSphere Application Server 9 could allow sensitive information to be available caused by mishandling of data by the application based on an incorrect return by the httpServletRequest#authenticate() API when an unprotected URI is accessed. IBM X...

8.1

CVE-2018-1840

  • EPSS 0.67%
  • Veröffentlicht 03.12.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:29

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to gain elevated privileges on the system, caused when a security domain is configured to use a federated repository other than global federated repository and then migrated t...