Ibm

Websphere Application Server

439 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2009-0391

  • EPSS 0.44%
  • Veröffentlicht 02.02.2009 22:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows attackers to read arbitrary files via unknown vectors.

5

CVE-2008-5411

  • EPSS 0.43%
  • Veröffentlicht 10.12.2008 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 sends SSL traffic over "unsecured TCP," which makes it easier for remote attackers to obtain sensitive information by sniffing the network.

10

CVE-2008-5412

  • EPSS 1.35%
  • Veröffentlicht 10.12.2008 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. NOTE: this is probably a duplicate of CVE-2009-0438.

5

CVE-2008-5413

  • EPSS 0.3%
  • Veröffentlicht 10.12.2008 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of...

10

CVE-2008-5414

  • EPSS 1.27%
  • Veröffentlicht 10.12.2008 00:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the Feature Pack for Web Services in the Web Services Security component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 has unknown impact and attack vectors related to "userNameToken."

7.8

CVE-2008-4678

  • EPSS 1.97%
  • Veröffentlicht 22.10.2008 18:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The HTTP_Request_Parser method in the HTTP Transport component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service (controller 0C4 abend and application hang) via a long HTTP Host heade...

6.8

CVE-2008-4679

  • EPSS 0.3%
  • Veröffentlicht 22.10.2008 18:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when Certificate Store Collections is configured to use Certificate Revocation Lists (CRL), does not call the setRevocationEn...

9.3

CVE-2008-4111

  • EPSS 1.04%
  • Veröffentlicht 16.09.2008 23:00:01
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when the FileServing feature is enabled, has unknown impact and attack vectors.

10

CVE-2008-3235

  • EPSS 0.99%
  • Veröffentlicht 21.07.2008 16:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the PropFilePasswordEncoder utility in the Security component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 has unknown impact and attack vectors.

5

CVE-2008-3236

  • EPSS 0.52%
  • Veröffentlicht 21.07.2008 16:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 allows attackers to obtain sensitive information via vectors related to "previously encrypted properties"...