Ibm

Websphere Application Server

437 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.2

CVE-2021-20453

  • EPSS 0.08%
  • Veröffentlicht 20.04.2021 12:15:12
  • Zuletzt bearbeitet 21.11.2024 05:46:37

IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources....

6.5

CVE-2021-20480

  • EPSS 0.37%
  • Veröffentlicht 08.04.2021 13:15:13
  • Zuletzt bearbeitet 21.11.2024 05:46:38

IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID:...

6.5

CVE-2020-5016

  • EPSS 0.21%
  • Veröffentlicht 10.03.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:33:33

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. When application security is disabled and JAX-RPC applications are present, an attacker could send a specially-crafted URL re...

7.8

CVE-2021-20354

  • EPSS 0.46%
  • Veröffentlicht 18.02.2021 15:15:14
  • Zuletzt bearbeitet 21.11.2024 05:46:27

IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ...

8.2

CVE-2021-20353

  • EPSS 1.08%
  • Veröffentlicht 10.02.2021 17:15:22
  • Zuletzt bearbeitet 21.11.2024 05:46:27

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory reso...

8.2

CVE-2020-4949

  • EPSS 0.3%
  • Veröffentlicht 26.01.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:27

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory reso...

6.5

CVE-2020-4782

  • EPSS 0.39%
  • Veröffentlicht 28.10.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:14

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the s...

7.5

CVE-2020-4576

  • EPSS 0.44%
  • Veröffentlicht 01.10.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:32:55

IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 184428.

3.3

CVE-2020-4629

  • EPSS 0.04%
  • Veröffentlicht 30.09.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:00

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IB...

7.5

CVE-2020-4643

  • EPSS 0.34%
  • Veröffentlicht 21.09.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:02

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information. IBM X-Force ID: 18559...