Ibm

Websphere Application Server

439 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2020-4629

  • EPSS 0.04%
  • Veröffentlicht 30.09.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:00

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IB...

7.5

CVE-2020-4643

  • EPSS 0.34%
  • Veröffentlicht 21.09.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:02

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information. IBM X-Force ID: 18559...

6.5

CVE-2020-4590

  • EPSS 0.45%
  • Veröffentlicht 21.09.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:32:56

IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. IBM X-Force ID: 184650.

5.4

CVE-2020-4578

  • EPSS 0.21%
  • Veröffentlicht 10.09.2020 17:15:33
  • Zuletzt bearbeitet 21.11.2024 05:32:55

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credential...

6.1

CVE-2020-4575

  • EPSS 0.13%
  • Veröffentlicht 27.08.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 05:32:55

IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.

10

CVE-2020-4589

  • EPSS 6.77%
  • Veröffentlicht 13.08.2020 12:15:25
  • Zuletzt bearbeitet 21.11.2024 05:32:56

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.

8.8

CVE-2020-4534

  • EPSS 0.07%
  • Veröffentlicht 03.08.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 05:32:51

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of UNC paths. By scheduling a task with a specially-crafted UNC path, an attacke...

9

CVE-2020-4464

  • EPSS 45.41%
  • Veröffentlicht 17.07.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:32:46

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to execute arbitrary code on a system with a specially-crafted sequence of serialized objects over the SOAP connector. IBM X-Force ID: 181489.

10

CVE-2020-4448

  • EPSS 16.24%
  • Veröffentlicht 05.06.2020 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:32:45

IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 181228.

7.5

CVE-2020-4449

  • EPSS 0.57%
  • Veröffentlicht 05.06.2020 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:32:45

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181230.