Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ibm websphere application server 8.5.5.8 vulnerabilities and exploits

(subscribe to this query)
534
VMScore
CVE-2016-2945
The API Discovery implementation in IBM WebSphere Application Server (WAS) 8.5.5.8 up to and including 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 allows remote authenticated users to gain privileges via an external reference in a Swagger document.
Ibm Websphere Application Server 8.5.5.8Ibm Websphere Application Server 8.5.5.9
445
VMScore
CVE-2016-0389
Admin Center in IBM WebSphere Application Server (WAS) 8.5.5.2 up to and including 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 allows remote malicious users to obtain sensitive information via unspecified vectors.
Ibm Websphere Application Server 8.5.5.9Ibm Websphere Application Server 8.5.5.8Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.5.5.7Ibm Websphere Application Server 8.5.5.6Ibm Websphere Application Server 8.5.5.5Ibm Websphere Application Server 8.5.5.4
383
VMScore
CVE-2016-0283
Cross-site scripting (XSS) vulnerability in the OpenID Connect (OIDC) client web application in IBM WebSphere Application Server (WAS) Liberty Profile 8.5.5 prior to 8.5.5.9 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Application Server 8.5.5.4Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.5.5.8Ibm Websphere Application Server 8.5.5.7Ibm Websphere Application Server 8.5.5.6Ibm Websphere Application Server 8.5.5.5Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.5.0
445
VMScore
CVE-2016-2923
IBM WebSphere Application Server (WAS) 8.5 up to and including 8.5.5.9 Liberty before Liberty Fix Pack 16.0.0.2 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified JAX-RS API cookie, which makes it easier for remote malicious users to obtain potentially s...
Ibm Websphere Application Server 8.5.5.9Ibm Websphere Application Server 8.5.5.8Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.5.5.7Ibm Websphere Application Server 8.5.5.6Ibm Websphere Application Server 8.5.5.5Ibm Websphere Application Server 8.5.5.4
312
VMScore
CVE-2016-8934
IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Ibm Websphere Application Server 8.5.5.4Ibm Websphere Application Server 9.0.0.0Ibm Websphere Application Server 8.5.5.10Ibm Websphere Application Server 8.5.5.5Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.5.5.6Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 9.0.0.2Ibm Websphere Application Server 9.0.0.1Ibm Websphere Application Server 8.5.5.9Ibm Websphere Application Server 8.5.5.8Ibm Websphere Application Server 8.5.5.7Ibm Websphere Application Server 8.5.5.11
383
VMScore
CVE-2015-2017
CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 6.1 up to and including 6.1.0.47, 7.0 prior to 7.0.0.39, 8.0 prior to 8.0.0.12, and 8.5 prior to 8.5.5.8 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attac...
Ibm Websphere Application Server 6.1.0.0Ibm Websphere Application Server 6.1.0.1Ibm Websphere Application Server 6.1.0.19Ibm Websphere Application Server 6.1.0.2Ibm Websphere Application Server 6.1.0.31Ibm Websphere Application Server 6.1.0.33Ibm Websphere Application Server 6.1.0.35Ibm Websphere Application Server 6.1.0.5Ibm Websphere Application Server 6.1.0.7Ibm Websphere Application Server 7.0.0.13Ibm Websphere Application Server 7.0.0.14Ibm Websphere Application Server 7.0.0.22Ibm Websphere Application Server 7.0.0.23Ibm Websphere Application Server 7.0.0.32Ibm Websphere Application Server 7.0.0.33Ibm Websphere Application Server 7.0.0.6Ibm Websphere Application Server 7.0.0.7Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 6.1.0.13
356
VMScore
CVE-2015-5004
The Edge Component Caching Proxy in IBM WebSphere Application Server (WAS) 8.0 prior to 8.0.0.12 and 8.5 prior to 8.5.5.8 does not properly encrypt data, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.5.5.1Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.5.5.6Ibm Websphere Application Server 8.5.5.7Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.5.5.0Ibm Websphere Application Server 8.0.0.8Ibm Websphere Application Server 8.5.5.4Ibm Websphere Application Server 8.5.5.5Ibm Websphere Application Server 8.5.0.1Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.6Ibm Websphere Application Server 8.0.0.9Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.5.0.2Ibm Websphere Application Server 8.0.0.7Ibm Websphere Application Server 8.0.0.11
383
VMScore
CVE-2016-0306
IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.41, 8.0 prior to 8.0.0.13, and 8.5 prior to 8.5.5.10, when FIPS 140-2 is enabled, misconfigures TLS, which allows man-in-the-middle malicious users to obtain sensitive information via unspecified vectors.
Ibm Websphere Application Server 8.5.5.5Ibm Websphere Application Server 8.5.5.4Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.0.0.11Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 7.0.0.31Ibm Websphere Application Server 7.0.0.29Ibm Websphere Application Server 7.0.0.17Ibm Websphere Application Server 7.0.0.13Ibm Websphere Application Server 7.0.0.1Ibm Websphere Application Server 7.0.0.0Ibm Websphere Application Server 8.0.0.12Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.0.0.10Ibm Websphere Application Server 8.0.0.9Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 8.0.0.0Ibm Websphere Application Server 7.0.0.27Ibm Websphere Application Server 7.0.0.25Ibm Websphere Application Server 7.0.0.11
312
VMScore
CVE-2015-7417
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server 7.0 prior to 7.0.0.41, 8.0 prior to 8.0.0.12, and 8.5 prior to 8.5.5.9 allows remote authenticated users to inject arbitrary web script or HTML via crafted data from an OAuth provider.
Ibm Websphere Application Server 8.5.5.3Ibm Websphere Application Server 8.5.5.2Ibm Websphere Application Server 8.0.0.10Ibm Websphere Application Server 8.0.0.9Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 8.0.0.1Ibm Websphere Application Server 7.0.0.27Ibm Websphere Application Server 7.0.0.25Ibm Websphere Application Server 7.0.0.11Ibm Websphere Application Server 7.0.0.4Ibm Websphere Application Server 7.0.0.0Ibm Websphere Application Server 8.5.5.5Ibm Websphere Application Server 8.5.5.4Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.0.0.11Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 7.0.0.31Ibm Websphere Application Server 7.0.0.29Ibm Websphere Application Server 7.0.0.17Ibm Websphere Application Server 7.0.0.13Ibm Websphere Application Server 7.0.0.2
383
VMScore
CVE-2016-0359
CRLF injection vulnerability in IBM WebSphere Application Server (WAS) 7.0 prior to 7.0.0.43, 8.0 prior to 8.0.0.13, 8.5 Full prior to 8.5.5.10, and 8.5 Liberty before Liberty Fix Pack 16.0.0.2 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP respon...
Ibm Websphere Application Server 8.5.5.6Ibm Websphere Application Server 8.5.5.5Ibm Websphere Application Server 8.0.0.5Ibm Websphere Application Server 8.0.0.4Ibm Websphere Application Server 8.0Ibm Websphere Application Server 7.0.0.39Ibm Websphere Application Server 7.0.0.41Ibm Websphere Application Server 7.0.0.38Ibm Websphere Application Server 7.0.0.31Ibm Websphere Application Server 7.0.0.3Ibm Websphere Application Server 7.0.0.21Ibm Websphere Application Server 7.0.0.2Ibm Websphere Application Server 7.0.0.13Ibm Websphere Application Server 7.0.0.12Ibm Websphere Application Server 8.5.5.4Ibm Websphere Application Server 8.5.0.0Ibm Websphere Application Server 8.0.0.3Ibm Websphere Application Server 8.0.0.2Ibm Websphere Application Server 7.0.0.9Ibm Websphere Application Server 7.0.0.8Ibm Websphere Application Server 7.0.0.37Ibm Websphere Application Server 8.5.5.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook