Ibm

Websphere Application Server

435 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2021-39031

  • EPSS 0.41%
  • Published 25.01.2022 17:15:08
  • Last modified 21.11.2024 06:18:27

IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and could result in in g...

6.5

CVE-2022-22310

  • EPSS 0.24%
  • Published 19.01.2022 17:15:08
  • Last modified 21.11.2024 06:46:36

IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X...

7.5

CVE-2021-38951

  • EPSS 0.15%
  • Published 09.12.2021 17:15:07
  • Last modified 21.11.2024 06:18:16

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources...

5.3

CVE-2021-29842

  • EPSS 0.37%
  • Published 16.09.2021 16:15:08
  • Last modified 21.11.2024 06:01:54

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. IBM X-Force ID: 205202.

8.8

CVE-2021-29736

  • EPSS 0.68%
  • Published 30.07.2021 12:15:07
  • Last modified 21.11.2024 06:01:42

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. IBM X-Force ID: 201300.

8.8

CVE-2021-29754

  • EPSS 0.21%
  • Published 11.06.2021 15:15:11
  • Last modified 21.11.2024 06:01:44

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI). IBM X-Force ID: 202006.

8.2

CVE-2021-20492

  • EPSS 0.22%
  • Published 26.05.2021 17:15:14
  • Last modified 21.11.2024 05:46:39

IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or cons...

8.2

CVE-2021-20454

  • EPSS 0.17%
  • Published 21.04.2021 12:15:08
  • Last modified 21.11.2024 05:46:37

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resou...

8.2

CVE-2021-20453

  • EPSS 0.13%
  • Published 20.04.2021 12:15:12
  • Last modified 21.11.2024 05:46:37

IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources....

6.5

CVE-2021-20480

  • EPSS 0.34%
  • Published 08.04.2021 13:15:13
  • Last modified 21.11.2024 05:46:38

IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID:...