Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
integration bus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22332
The IBM Integration Bus for z/OS 10.1 up to and including 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972.
Ibm Integration Bus
4.3
CVSSv2
CVE-2016-8918
IBM Integration Bus, under non default configurations, could allow a remote user to authenticate without providing valid credentials.
Ibm Integration Bus 10.0
3.2
CVSSv2
CVE-2015-5011
IBM WebSphere Message Broker 8 prior to 8.0.0.6 and Integration Bus 9 prior to 9.0.0.4 do not check authorization for MQSISTARTMSGFLOW and MQSISTOPMSGFLOW commands, which allows local users to bypass intended access restrictions, and start or stop a service, by issuing a command.
Ibm Websphere Message Broker 8.0
Ibm Websphere Message Broker 8.0.0.2
Ibm Websphere Message Broker 8.0.0.3
Ibm Websphere Message Broker 8.0.0.4
Ibm Websphere Message Broker 8.0.0.5
Ibm Websphere Message Broker 8.0.0.1
Ibm Integration Bus 9.0
Ibm Integration Bus 9.0.0.2
Ibm Integration Bus 9.0.0.3
Ibm Integration Bus 9.0.0.1
2.1
CVSSv2
CVE-2016-0394
IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local malicious user to manipulate certain files.
Ibm Websphere Message Broker 8.0.0.3
Ibm Websphere Message Broker 8.0.0.4
Ibm Websphere Message Broker 8.0.0.5
Ibm Integration Bus 10.0
Ibm Websphere Message Broker 8.0.0.1
Ibm Integration Bus 9.0.0.1
Ibm Websphere Message Broker 8.0
Ibm Websphere Message Broker 8.0.0.2
Ibm Integration Bus 9.0
Ibm Integration Bus 9.0.0.2
6.8
CVSSv2
CVE-2018-2876
Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications (subcomponent: RIB Kernal(Apache Commons Collections)). The supported version that is affected is 13.2. Easily exploitable vulnerability allows unauthenticated attacker with network access ...
Oracle Retail Integration Bus 13.2
4.3
CVSSv2
CVE-2014-4820
Cross-site scripting (XSS) vulnerability in IBM Integration Bus Manufacturing Pack 1.x prior to 1.0.0.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Integration Bus Manufacturing Pack 1.0.0.0
3.6
CVSSv2
CVE-2017-1418
IBM Integration Bus 9.0.0.0, 9.0.0.11, 10.0.0.0, and 10.0.0.14 (including IBM WebSphere Message Broker 8.0.0.0 and 8.0.0.9) has insecure permissions on certain files. A local attacker could exploit this vulnerability to modify or delete these files with an unknown impact. IBM X-F...
Ibm Integration Bus
Ibm Websphere Message Broker
4
CVSSv2
CVE-2014-4819
The web user interface in IBM WebSphere Message Broker 8.0 prior to 8.0.0.6 and IBM Integration Bus 9.0 prior to 9.0.0.3 allows remote authenticated users to obtain sensitive information by reading the error page.
Ibm Websphere Message Broker 8.0.0.2
Ibm Websphere Message Broker 8.0.0.1
Ibm Websphere Message Broker 8.0.0.5
Ibm Websphere Message Broker 8.0.0.4
Ibm Websphere Message Broker 8.0.0.3
Ibm Websphere Message Broker 8.0
Ibm Integration Bus 9.0
Ibm Integration Bus 9.0.0.1
Ibm Integration Bus 9.0.0.2
NA
CVE-2023-45176
IBM App Connect Enterprise 11.0.0.1 up to and including 11.0.0.23, 12.0.1.0 up to and including 12.0.10.0 and IBM Integration Bus 10.1 up to and including 10.1.0.1 are vulnerable to a denial of service for integration nodes on Windows. IBM X-Force ID: 247998.
Ibm Integration Bus 10.1
Ibm App Connect Enterprise
5
CVSSv2
CVE-2018-1801
IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V9.0.0.0 through V9.0.0.10, and WebSphere Message Broker V8.0.0.0 through V8.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML ...
Ibm Integration Bus
Ibm App Connect
Ibm Websphere Message Broker
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »