Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ibm websphere application server 6.1.0.24 vulnerabilities and exploits

(subscribe to this query)
890
VMScore
CVE-2010-3186
IBM WebSphere Application Server (WAS) 7.x prior to 7.0.0.13, and WebSphere Application Server Feature Pack for Web Services 6.1.0.9 up to and including 6.1.0.32, when a JAX-WS application is used, does not properly handle an IncludeTimestamp setting in the WS-Security policy, wh...
Ibm Websphere Application Server 7.0.0.4Ibm Websphere Application Server 7.0.0.5Ibm Websphere Application Server 7.0.0.2Ibm Websphere Application Server 7.0.0.3Ibm Websphere Application Server 7.0.0.11Ibm Websphere Application Server 7.0Ibm Websphere Application Server 7.0.0.1Ibm Websphere Application Server 7.0.0.9Ibm Websphere Application Server 7.0.0.10Ibm Websphere Application Server 7.0.0.6Ibm Websphere Application Server 7.0.0.7Ibm Websphere Application Server 6.1.0.9Ibm Websphere Application Server 6.1.0.10Ibm Websphere Application Server 6.1.0.18Ibm Websphere Application Server 6.1.0.19Ibm Websphere Application Server 6.1.0.26Ibm Websphere Application Server 6.1.0.27Ibm Websphere Application Server 6.1.0.16Ibm Websphere Application Server 6.1.0.17Ibm Websphere Application Server 6.1.0.24Ibm Websphere Application Server 6.1.0.25Ibm Websphere Application Server 6.1.0.13
668
VMScore
CVE-2009-0903
IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.3, and the Feature Pack for Web Services for WAS 6.1 prior to 6.1.0.25, when a WS-Security policy is established at the operation level, does not properly handle inbound requests that lack a SOAPAction or WS-Addressing Act...
Ibm Websphere Application Server 6.1.0.4Ibm Websphere Application Server 6.1.0.21Ibm Websphere Application Server 6.1.0.3Ibm Websphere Application Server 6.1.0.10Ibm Websphere Application Server 6.1.0.0Ibm Websphere Application Server 6.1.0Ibm Websphere Application Server 7.0.0.1Ibm Websphere Application Server 6.1.0.8Ibm Websphere Application Server 6.1.0.6Ibm Websphere Application Server 6.1.0.1Ibm Websphere Application Server 6.1.0.16Ibm Websphere Application Server 6.1.0.2Ibm Websphere Application Server 6.1.0.14Ibm Websphere Application Server 6.1.0.17Ibm Websphere Application Server 6.1.0.18Ibm Websphere Application Server 7.0Ibm Websphere Application Server 6.1.0.20Ibm Websphere Application Server 6.1.0.22Ibm Websphere Application Server 6.1.0.5Ibm Websphere Application Server 6.1.0.15Ibm Websphere Application Server 6.1.0.9Ibm Websphere Application Server 6.1.0.11
694
VMScore
CVE-2009-2744
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.27 allows remote malicious users to cause a denial of service via unknown vectors, related to "an error in fixpacks 6.1.0.23 and 6.1.0.25."
Ibm Websphere Application Server 6.1.0.24Ibm Websphere Application Server 6.1.0.16Ibm Websphere Application Server 6.1.0.15Ibm Websphere Application Server 6.1.0.0Ibm Websphere Application Server 6.1.0Ibm Websphere Application Server 6.1.0.8Ibm Websphere Application Server 6.1.0.9Ibm Websphere Application Server 6.1.0.23Ibm Websphere Application Server 6.1.0.22Ibm Websphere Application Server 6.1.0.14Ibm Websphere Application Server 6.1.0.13Ibm Websphere Application Server 6.1Ibm Websphere Application Server 6.1.0.3Ibm Websphere Application Server 6.1.0.25Ibm Websphere Application Server 6.1.0.26Ibm Websphere Application Server 6.1.0.19Ibm Websphere Application Server 6.1.0.18Ibm Websphere Application Server 6.1.0.17Ibm Websphere Application Server 6.1.0.10Ibm Websphere Application Server 6.1.0.1Ibm Websphere Application Server 6.1.0.6Ibm Websphere Application Server 6.1.0.7
668
VMScore
CVE-2009-2088
The Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.25 and 7.0 prior to 7.0.0.5, when SPNEGO Single Sign-on (SSO) and disableSecurityPreInvokeOnFilters are configured, allows remote malicious users to bypass authentication via a...
Ibm Websphere Application Server 6.1.0.21Ibm Websphere Application Server 6.1.0.20Ibm Websphere Application Server 6.1.0.10Ibm Websphere Application Server 6.1.0.5Ibm Websphere Application Server 6.1.0Ibm Websphere Application Server 6.1.0.9Ibm Websphere Application Server 7.0.0.3Ibm Websphere Application Server 7.0.0.1Ibm Websphere Application Server 6.1.0.19Ibm Websphere Application Server 6.1.0.8Ibm Websphere Application Server 6.1.0.23Ibm Websphere Application Server 6.1.0.1Ibm Websphere Application Server 6.1.0.16Ibm Websphere Application Server 6.1.0.13Ibm Websphere Application Server 6.1.0.14Ibm Websphere Application Server 6.1Ibm Websphere Application Server 6.1.0.18Ibm Websphere Application Server 6.1.0.22Ibm Websphere Application Server 6.1.0.24Ibm Websphere Application Server 6.1.0.15Ibm Websphere Application Server 6.1.0.7Ibm Websphere Application Server 6.1.0.11
187
VMScore
CVE-2009-2089
The Migration component in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.25 and 7.0 prior to 7.0.0.5, when tracing is enabled and a 6.1 to 7.0 migration has occurred, allows remote authenticated users to obtain sensitive information by reading a Migration Trace file.
Ibm Websphere Application Server 6.1.0.4Ibm Websphere Application Server 6.1.0.21Ibm Websphere Application Server 6.1.0.2Ibm Websphere Application Server 6.1.0.3Ibm Websphere Application Server 6.1.0.0Ibm Websphere Application Server 6.1.0Ibm Websphere Application Server 7.0.0.4Ibm Websphere Application Server 7.0.0.3Ibm Websphere Application Server 6.1.0.19Ibm Websphere Application Server 6.1.0.24Ibm Websphere Application Server 6.1.0.23Ibm Websphere Application Server 6.1.0.15Ibm Websphere Application Server 6.1.0.7Ibm Websphere Application Server 6.1.0.12Ibm Websphere Application Server 6.1Ibm Websphere Application Server 6.1.0.20Ibm Websphere Application Server 6.1.0.22Ibm Websphere Application Server 6.1.0.10Ibm Websphere Application Server 6.1.0.5Ibm Websphere Application Server 6.1.0.9Ibm Websphere Application Server 6.1.0.11Ibm Websphere Application Server 7.0.0.1
187
VMScore
CVE-2009-2087
The Web Services functionality in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.25 and 7.0 prior to 7.0.0.5, in certain circumstances involving the ibm-webservicesclient-bind.xmi file and custom password encryption, uses weak password obfuscation, which allows local u...
Ibm Websphere Application Server 6.1.0.22Ibm Websphere Application Server 6.1.0.24Ibm Websphere Application Server 6.1.0.5Ibm Websphere Application Server 6.1.0.15Ibm Websphere Application Server 6.1.0.9Ibm Websphere Application Server 6.1.0.11Ibm Websphere Application Server 6.1.0.6Ibm Websphere Application Server 6.1.0.4Ibm Websphere Application Server 6.1.0.16Ibm Websphere Application Server 6.1.0.2Ibm Websphere Application Server 6.1.0.14Ibm Websphere Application Server 6.1.0.17Ibm Websphere Application Server 7.0Ibm Websphere Application Server 7.0.0.4Ibm Websphere Application Server 6.1.0.19Ibm Websphere Application Server 6.1.0.8Ibm Websphere Application Server 6.1.0.23Ibm Websphere Application Server 6.1.0.1Ibm Websphere Application Server 6.1.0.7Ibm Websphere Application Server 6.1.0.13Ibm Websphere Application Server 6.1.0.12Ibm Websphere Application Server 6.1
668
VMScore
CVE-2009-2085
The Security component in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.25 and 7.0 prior to 7.0.0.5 does not properly handle use of Identity Assertion with CSIv2 Security, which allows remote malicious users to bypass intended CSIv2 access restrictions via vectors inv...
Ibm Websphere Application Server 6.1.0.19Ibm Websphere Application Server 6.1.0.24Ibm Websphere Application Server 6.1.0.23Ibm Websphere Application Server 6.1.0.15Ibm Websphere Application Server 6.1.0.7Ibm Websphere Application Server 6.1.0.13Ibm Websphere Application Server 6.1.0.12Ibm Websphere Application Server 6.1Ibm Websphere Application Server 6.1.0.4Ibm Websphere Application Server 6.1.0.21Ibm Websphere Application Server 6.1.0.2Ibm Websphere Application Server 6.1.0.3Ibm Websphere Application Server 6.1.0.0Ibm Websphere Application Server 6.1.0Ibm Websphere Application Server 7.0.0.4Ibm Websphere Application Server 7.0.0.3Ibm Websphere Application Server 6.1.0.8Ibm Websphere Application Server 6.1.0.6Ibm Websphere Application Server 6.1.0.1Ibm Websphere Application Server 6.1.0.16Ibm Websphere Application Server 6.1.0.14Ibm Websphere Application Server 6.1.0.17
383
VMScore
CVE-2011-1209
IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.39 and 7.0 prior to 7.0.0.17 uses a weak WS-Security XML encryption algorithm, which makes it easier for remote malicious users to obtain plaintext data from a (1) JAX-RPC or (2) JAX-WS Web Services request via unspecified...
Ibm Websphere Application Server 6.1.0.1Ibm Websphere Application Server 6.1.0.7Ibm Websphere Application Server 6.1.7Ibm Websphere Application Server 6.1.5Ibm Websphere Application Server 6.1.1Ibm Websphere Application Server 6.1.0.19Ibm Websphere Application Server 6.1.0.37Ibm Websphere Application Server 6.1.0.5Ibm Websphere Application Server 6.1.0.15Ibm Websphere Application Server 6.1.0.0Ibm Websphere Application Server 6.1.0.11Ibm Websphere Application Server 6.1.0.32Ibm Websphere Application Server 6.1.0.3Ibm Websphere Application Server 6.1.0.33Ibm Websphere Application Server 6.1.0.24Ibm Websphere Application Server 6.1.0.22Ibm Websphere Application Server 6.1.0.23Ibm Websphere Application Server 6.1.0.2Ibm Websphere Application Server 6.1.0.25Ibm Websphere Application Server 6.1.0Ibm Websphere Application Server 6.1.0.12Ibm Websphere Application Server 6.1.0.9
383
VMScore
CVE-2010-0783
Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.35 and 7.0 prior to 7.0.0.13 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Websphere Application Server 6.1.0.29Ibm Websphere Application Server 6.1.0.21Ibm Websphere Application Server 6.1.0.20Ibm Websphere Application Server 6.1.0.3Ibm Websphere Application Server 6.1.0.15Ibm Websphere Application Server 6.1.0.26Ibm Websphere Application Server 6.1.0Ibm Websphere Application Server 6.1.0.32Ibm Websphere Application Server 6.1.0.18Ibm Websphere Application Server 7.0.0.4Ibm Websphere Application Server 7.0.0.3Ibm Websphere Application Server 6.1.0.8Ibm Websphere Application Server 6.1.0.6Ibm Websphere Application Server 6.1.0.23Ibm Websphere Application Server 6.1.0.1Ibm Websphere Application Server 6.1.0.13Ibm Websphere Application Server 6.1.0.14Ibm Websphere Application Server 6.1.0.9Ibm Websphere Application Server 6.1.0.11Ibm Websphere Application Server 7.0.0.2Ibm Websphere Application Server 7.0.0.6Ibm Websphere Application Server 7.0.0.8
570
VMScore
CVE-2012-3305
Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47, 7.0 prior to 7.0.0.25, 8.0 prior to 8.0.0.5, and 8.5 prior to 8.5.0.1 allows remote malicious users to overwrite arbitrary files via a crafted application file.
Ibm Websphere Application Server 6.1.0Ibm Websphere Application Server 6.1.0.0Ibm Websphere Application Server 6.1.0.15Ibm Websphere Application Server 6.1.0.16Ibm Websphere Application Server 6.1.0.22Ibm Websphere Application Server 6.1.0.23Ibm Websphere Application Server 6.1.0.24Ibm Websphere Application Server 6.1.0.31Ibm Websphere Application Server 6.1.0.32Ibm Websphere Application Server 6.1.0.39Ibm Websphere Application Server 6.1.0.4Ibm Websphere Application Server 6.1.0.1Ibm Websphere Application Server 6.1.0.10Ibm Websphere Application Server 6.1.0.17Ibm Websphere Application Server 6.1.0.18Ibm Websphere Application Server 6.1.0.25Ibm Websphere Application Server 6.1.0.26Ibm Websphere Application Server 6.1.0.33Ibm Websphere Application Server 6.1.0.34Ibm Websphere Application Server 6.1.0.41Ibm Websphere Application Server 6.1.0.42Ibm Websphere Application Server 6.1.0.11
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook