Ibm

Websphere Service Registry And Repository

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4

CVE-2014-6155

  • EPSS 0.32%
  • Veröffentlicht 24.12.2014 11:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple directory traversal vulnerabilities in the ServiceRegistry UI in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allow remote authenticated users to read arbitrary fi...

4.3

CVE-2014-6153

  • EPSS 0.61%
  • Veröffentlicht 24.12.2014 11:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 does not set the secure flag for a cookie in an https session, whic...

3.5

CVE-2014-6132

  • EPSS 0.31%
  • Veröffentlicht 24.12.2014 11:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allows remote authenticat...

4.3

CVE-2014-3010

  • EPSS 0.26%
  • Veröffentlicht 30.05.2014 17:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.2, 6.3 before 6.3.0.6, 7.0 before 7.0.0.6, 7.5 before 7.5.0.5, and 8.0 before 8.0.0.3 allows remote attackers to inject arbitrary web scr...

3.5

CVE-2013-6721

  • EPSS 0.25%
  • Veröffentlicht 17.12.2013 15:21:28
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.x through 8.0.0.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving widgets.

4.3

CVE-2011-1357

  • EPSS 0.2%
  • Veröffentlicht 11.08.2011 22:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in agentDetect.jsp in the web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 before 6.3.0.5, 7.0 before 7.0.0.5, and 7.5 before 7.5.0.1 allows remote attackers to inject arbitrary web script or...

5

CVE-2010-2644

  • EPSS 0.26%
  • Veröffentlicht 22.12.2010 21:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 does not properly implement access control, which allows remote attackers to perform governance actions via unspecified API requests to an EJB interface.

4.3

CVE-2010-2985

Exploit
  • EPSS 0.26%
  • Veröffentlicht 10.08.2010 12:23:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the searchTerm parameter to ServiceRegistry/HelpSearch.do or (2) the...

5.5

CVE-2009-2750

  • EPSS 0.16%
  • Veröffentlicht 04.02.2010 20:15:23
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 does not have the intended configuration properties, which allows remote authenticated users to obtain unspecified data access via a property query.