Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ibm websphere application server 8.0.0.1 vulnerabilities and exploits

(subscribe to this query)
3.5
CVSSv2
CVE-2013-4004
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 prior to 8.0.0.7 and 8.5 prior to 8.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.5.0.1Ibm Websphere Application Server 8.5.0.2
4.3
CVSSv2
CVE-2014-0823
IBM WebSphere Application Server (WAS) 8.x prior to 8.0.0.9 and 8.5.x prior to 8.5.5.2 allows remote malicious users to read arbitrary files via a crafted URL.
Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.0.1Ibm Websphere Application Server 8.5.0.2Ibm Websphere Application Server 7.0Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.0.0.8Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.0.0.7
4
CVSSv2
CVE-2014-0857
The Administrative Console in IBM WebSphere Application Server (WAS) 8.x prior to 8.0.0.9 and 8.5.x prior to 8.5.5.2 allows remote authenticated users to obtain sensitive information via a crafted request.
Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.0.2Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.5.0.1Ibm Websphere Application Server 7.0Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.0.0.7Ibm Websphere Application Server 8.0.0.8Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1
7.1
CVSSv2
CVE-2014-4764
IBM WebSphere Application Server (WAS) 8.0.x prior to 8.0.0.10 and 8.5.x prior to 8.5.5.3, when Load Balancer for IPv4 Dispatcher is enabled, allows remote malicious users to cause a denial of service (Load Balancer crash) via unspecified vectors.
Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.5.0.2Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.5.0.1Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.0.0.7Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.8Ibm Websphere Application Server 8.0.0.9
5
CVSSv2
CVE-2014-3070
The addFileRegistryAccount Virtual Member Manager (VMM) SPI Admin Task in IBM WebSphere Application Server (WAS) 8.0.x prior to 8.0.0.10 and 8.5.x prior to 8.5.5.3 does not properly create accounts, which allows remote malicious users to bypass intended access restrictions via un...
Ibm Websphere Application Server 8.5.0.1Ibm Websphere Application Server 8.5.0.2Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.9Ibm Websphere Application Server 8.0.0.7Ibm Websphere Application Server 8.0.0.8
4.3
CVSSv2
CVE-2014-6166
The Communications Enabled Applications (CEA) service in IBM WebSphere Application Server 8.0.x prior to 8.0.0.10 and 8.5.x prior to 8.5.5.4, and Feature Pack for CEA 1.x prior to 1.0.0.15, allows remote malicious users to read arbitrary files via an XML external entity declarati...
Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.0.0.8Ibm Websphere Application Server 8.0.0.9Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.0.0.7Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.5.0.2Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.5.0.1
5
CVSSv2
CVE-2014-6164
IBM WebSphere Application Server 8.0.x prior to 8.0.0.10 and 8.5.x prior to 8.5.5.4 allows remote malicious users to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
Ibm Websphere Application Server 8.0.0.7Ibm Websphere Application Server 8.0.0.8Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.9Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.5.0.1Ibm Websphere Application Server 8.5.0.2Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.5.5.1
6
CVSSv2
CVE-2015-1936
The administrative console in IBM WebSphere Application Server (WAS) 8.0.0 prior to 8.0.0.11 and 8.5 prior to 8.5.5.6, when the Security feature is disabled, allows remote authenticated users to hijack sessions via the JSESSIONID parameter.
Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.5.0.1Ibm Websphere Application Server 8.5.0.2Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.0.0.7Ibm Websphere Application Server 8.0.0.8Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.5.5.4Ibm Websphere Application Server 8.0.0.10Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.9Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.5.5.5
4.3
CVSSv2
CVE-2017-1501
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings. IBM X-Force ID: 129576.
Ibm Websphere Application Server 9.0.0.4Ibm Websphere Application Server 8.5.5.11Ibm Websphere Application Server 8.5.5.10Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.0.0.7Ibm Websphere Application Server 8.0.0.8Ibm Websphere Application Server 8.0.0.9Ibm Websphere Application Server 9.0.0.0Ibm Websphere Application Server 9.0.0.2Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.0.0.11Ibm Websphere Application Server 8.0.0.13Ibm Websphere Application Server 9.0.0.1Ibm Websphere Application Server 9.0.0.3Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.10Ibm Websphere Application Server 8.0.0.12
4
CVSSv2
CVE-2015-5004
The Edge Component Caching Proxy in IBM WebSphere Application Server (WAS) 8.0 prior to 8.0.0.12 and 8.5 prior to 8.5.5.8 does not properly encrypt data, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.5.5.6Ibm Websphere Application Server 8.5.5.7Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.0.0.8Ibm Websphere Application Server 8.5.5.4Ibm Websphere Application Server 8.5.5.5Ibm Websphere Application Server 8.5.0.1Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.0.0.9Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.5.0.2Ibm Websphere Application Server 8.0.0.7Ibm Websphere Application Server 8.0.0.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook