Ibm

Websphere Application Server

439 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2013-6325

  • EPSS 0.92%
  • Veröffentlicht 16.01.2014 20:55:10
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before 8.0.0.8, and 8.5.x before 8.5.5.2 allows remote attackers to cause a denial of service (resource consumption) via a crafted request to a web services endpoint.

3.5

CVE-2013-6330

  • EPSS 0.17%
  • Veröffentlicht 16.01.2014 20:55:10
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM WebSphere Application Server 7.x before 7.0.0.31, when simpleFileServlet static file caching is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors.

3.5

CVE-2013-6725

  • EPSS 0.29%
  • Veröffentlicht 16.01.2014 20:55:10
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server 7.x before 7.0.0.31, 8.0.x before 8.0.0.8, and 8.5.x before 8.5.5.2 allows remote authenticated administrators to inject arbitrary web script o...

4.3

CVE-2013-4006

  • EPSS 0.18%
  • Veröffentlicht 18.11.2013 05:23:57
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.5.1 uses weak permissions for unspecified files, which allows local users to obtain sensitive information via standard filesystem operations.

3.5

CVE-2013-5414

  • EPSS 0.16%
  • Veröffentlicht 18.11.2013 05:23:57
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The migration functionality in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 does not properly support the distinction between the admin role and the adminsecmanager role, which allows remote a...

4.3

CVE-2013-5417

  • EPSS 0.27%
  • Veröffentlicht 18.11.2013 05:23:57
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web script or HTML via HTTP response data.

3.5

CVE-2013-5418

  • EPSS 0.16%
  • Veröffentlicht 18.11.2013 05:23:57
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML ...

4.3

CVE-2013-0596

  • EPSS 0.27%
  • Veröffentlicht 20.09.2013 21:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2013-4052

  • EPSS 0.27%
  • Veröffentlicht 20.09.2013 21:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the UDDI Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1 allows remote attackers to inject arbitrary web...

6.8

CVE-2013-4053

  • EPSS 0.4%
  • Veröffentlicht 20.09.2013 21:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured...