Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server 8.5 vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2019-4268
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID:...
Ibm Websphere Application Server
5.3
CVSSv3
CVE-2018-1996
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration. A remote attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 15...
Ibm Websphere Application Server
5.3
CVSSv3
CVE-2017-1423
IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are configured for usage by the Web Application Bridge component. IBM X-Force ID: 127476.
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
5.3
CVSSv3
CVE-2016-9736
IBM WebSphere Application Server using malformed SOAP requests could allow a remote malicious user to obtain sensitive information.
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 8.5
4.3
CVSSv3
CVE-2020-4365
IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 178964.
Ibm Websphere Application Server
4.3
CVSSv3
CVE-2020-4329
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 up to and including 20.0.0.4 could allow a remote, authenticated malicious user to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IB...
Ibm Websphere Application Server
4.3
CVSSv3
CVE-2019-4442
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9,0 could allow a remote malicious user to traverse directories on the file system. An attacker could send a specially-crafted URL request to view arbitrary files on the system but not content. IBM X-Force ID: 163226.
Ibm Websphere Application Server
4.3
CVSSv3
CVE-2018-1902
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to spoof connection information which could be used to launch further attacks against the system. IBM X-Force ID: 152531.
Ibm Websphere Application Server
4.3
CVSSv3
CVE-2017-1743
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to obtain sensitive information caused by improper handling of Administrative Console panel fields. When exploited an attacker could browse the file system. IBM X-Force ID: 134933.
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 8.0
4.3
CVSSv3
CVE-2017-1741
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to obtain sensitive information caused by improper handling of Administrative Console panel fields. When exploited an attacker could read files on the file system. IBM X-Force ID: 134931.
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »