Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server 8.5 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-1840
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote malicious user to gain elevated privileges on the system, caused when a security domain is configured to use a federated repository other than global federated repository and then migrated to a newer release of Web...
Ibm Websphere Application Server
6.8
CVSSv2
CVE-2017-1137
IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to the admin console. IBM X-Force ID: 121549.
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 8.5.5
Ibm Websphere Application Server 8.0
6.8
CVSSv2
CVE-2017-1194
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 123669.
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
6.8
CVSSv2
CVE-2017-1151
IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293.
Ibm Websphere Application Server 8.5.5
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
6.8
CVSSv2
CVE-2015-1927
The default configuration of IBM WebSphere Application Server (WAS) 7.0.0 prior to 7.0.0.39, 8.0.0 prior to 8.0.0.11, and 8.5 prior to 8.5.5.6 has a false value for the com.ibm.ws.webcontainer.disallowServeServletsByClassname WebContainer property, which allows remote malicious u...
Ibm Websphere Application Server 7.0.0.13
Ibm Websphere Application Server 7.0.0.11
Ibm Websphere Application Server 7.0.0.12
Ibm Websphere Application Server 7.0.0.19
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.29
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.5
Ibm Websphere Application Server 8.0.0.10
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.9
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.5.5
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.10
Ibm Websphere Application Server 7.0.0.17
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.27
Ibm Websphere Application Server 7.0.0.37
6.8
CVSSv2
CVE-2013-4053
The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47, 7.0 prior to 7.0.0.31, 8.0 prior to 8.0.0.8, and 8.5 prior to 8.5.5.1, and WAS Feature Pack for Web Services 6.1 prior to 6.1.0.47, when a trust store is configured for XML Digital Sig...
Ibm Websphere Application Server 8.5.0.2
Ibm Websphere Application Server 8.5.5.0
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 7.0.0.14
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 7.0.0.22
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.6
Ibm Websphere Application Server 7.0.0.7
Ibm Websphere Application Server 7.0.0.10
Ibm Websphere Application Server 7.0.0.11
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 7.0.0.19
Ibm Websphere Application Server 7.0.0.27
Ibm Websphere Application Server 7.0.0.29
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.16
Ibm Websphere Application Server 7.0.0.17
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.25
6.8
CVSSv2
CVE-2013-3029
Cross-site request forgery (CSRF) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47, 7.0 prior to 7.0.0.31, 8.0 prior to 8.0.0.7, and 8.5 prior to 8.5.5.1 allows remote malicious users to hijack the authentication of arbit...
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.6
Ibm Websphere Application Server 7.0.0.29
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 7.0.0.15
Ibm Websphere Application Server 7.0.0.16
Ibm Websphere Application Server 7.0.0.23
Ibm Websphere Application Server 7.0.0.24
Ibm Websphere Application Server 7.0.0.7
Ibm Websphere Application Server 7.0.0.8
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 7.0.0.1
Ibm Websphere Application Server 7.0.0.10
Ibm Websphere Application Server 7.0.0.17
Ibm Websphere Application Server 7.0.0.18
Ibm Websphere Application Server 7.0.0.25
Ibm Websphere Application Server 7.0.0.27
6.8
CVSSv2
CVE-2013-0543
IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.47, 7.0 prior to 7.0.0.29, 8.0 prior to 8.0.0.6, and 8.5 prior to 8.5.0.2 on Linux, Solaris, and HP-UX, when a Local OS registry is used, does not properly validate user accounts, which allows remote malicious users to byp...
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.9
Ibm Websphere Application Server 6.1.0.11
Ibm Websphere Application Server 6.1.0.12
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.15
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.25
Ibm Websphere Application Server 6.1.0.27
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.31
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 6.1.0.35
6.8
CVSSv2
CVE-2012-4853
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 prior to 6.1.0.45, 7.0 prior to 7.0.0.25, 8.0 prior to 8.0.0.5, and 8.5 prior to 8.5.0.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that trigger...
Ibm Websphere Application Server 6.1.13
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 6.1.0.27
Ibm Websphere Application Server 6.1.0.39
Ibm Websphere Application Server 6.1.14
Ibm Websphere Application Server 6.1.0.35
Ibm Websphere Application Server 6.1.0.37
Ibm Websphere Application Server 6.1.0.21
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.12
Ibm Websphere Application Server 6.1.0.11
Ibm Websphere Application Server 6.1.6
Ibm Websphere Application Server 6.1.5
Ibm Websphere Application Server 6.1.0.23
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.25
6.8
CVSSv2
CVE-2012-3304
The Administrative Console in IBM WebSphere Application Server (WAS) 6.1 prior to 6.1.0.45, 7.0 prior to 7.0.0.25, 8.0 prior to 8.0.0.5, and 8.5 prior to 8.5.0.1 allows remote malicious users to hijack sessions via unspecified vectors.
Ibm Websphere Application Server 6.1.0.4
Ibm Websphere Application Server 6.1.0.5
Ibm Websphere Application Server 7.0.0.9
Ibm Websphere Application Server 6.1.0.35
Ibm Websphere Application Server 6.1.0.43
Ibm Websphere Application Server 6.1.0.17
Ibm Websphere Application Server 6.1.0.7
Ibm Websphere Application Server 6.1.0.19
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.39
Ibm Websphere Application Server 7.0.0.13
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 7.0.0.10
Ibm Websphere Application Server 6.1.0.2
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 7.0.0.3
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 7.0.0.4
Ibm Websphere Application Server 7.0.0.21
Ibm Websphere Application Server 6.1.0.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »