Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere_application_server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-23477
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote malicious user to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: 245513.
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
8.8
CVSSv3
CVE-2021-29736
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. IBM X-Force ID: 201300.
Ibm Websphere Application Server
8.8
CVSSv3
CVE-2021-29754
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI). IBM X-Force ID: 202006.
Ibm Websphere Application Server
8.2
CVSSv3
CVE-2020-4949
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
Ibm Websphere Application Server
7.5
CVSSv3
CVE-2022-43917
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an malicious user to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-For...
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
7.5
CVSSv3
CVE-2021-38951
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources. IBM X-Force ID: 211405.
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
7.5
CVSSv3
CVE-2021-20354
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 194883.
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2022-22310
IBM WebSphere Application Server Liberty 21.0.0.10 up to and including 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224.
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2021-20480
IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 197502.
Ibm Websphere Application Server
6.1
CVSSv3
CVE-2022-22477
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IB...
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 8.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »