Ibm

Websphere Service Registry And Repository

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2019-4537

  • EPSS 0.26%
  • Veröffentlicht 26.02.2020 16:15:19
  • Zuletzt bearbeitet 21.11.2024 04:43:41

IBM WebSphere Service Registry and Repository 8.5 could allow a user to obtain sensitive version information that could be used in further attacks against the system. IBM X-Force ID: 165593.

2.1

CVE-2014-6160

  • EPSS 0.15%
  • Veröffentlicht 29.12.2014 02:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leve...

3.5

CVE-2014-6188

  • EPSS 0.29%
  • Veröffentlicht 24.12.2014 11:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.2 allow remote authenticated users to inject arbitra...

6

CVE-2014-6187

  • EPSS 0.25%
  • Veröffentlicht 24.12.2014 11:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site request forgery (CSRF) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x before 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.2 allow remote authenticated users to hijack t...

4

CVE-2014-6186

  • EPSS 0.34%
  • Veröffentlicht 24.12.2014 11:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.1 allows remote authenticated users to bypass intended object-access restrictions via the datagraph.

4

CVE-2014-6181

  • EPSS 0.17%
  • Veröffentlicht 24.12.2014 11:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 does not perform access-control checks for contained objects, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

3.5

CVE-2014-6180

  • EPSS 0.16%
  • Veröffentlicht 24.12.2014 11:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 and 7.5.x before 7.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the HTTP User-Ag...

4.3

CVE-2014-6179

  • EPSS 0.25%
  • Veröffentlicht 24.12.2014 11:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.0.x before 8.0.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5

CVE-2014-6178

  • EPSS 0.16%
  • Veröffentlicht 24.12.2014 11:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the widgets in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.0.x before 8.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vec...

4

CVE-2014-6177

  • EPSS 0.23%
  • Veröffentlicht 24.12.2014 11:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 and 7.5.x before 7.5.0.3 does not perform access-control checks for depth-0 retrieve operations, which allows remote authenticated users to obtain sensitive information via uns...