Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere application server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-40750
IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. I...
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
NA
CVE-2022-38712
"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle malicious user to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762."
Ibm Websphere Application Server
NA
CVE-2022-35282
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data.
Ibm Websphere Application Server
NA
CVE-2022-34336
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
NA
CVE-2022-34165
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an malicious user to conduct various attacks against...
Ibm Websphere Application Server
NA
CVE-2022-22477
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IB...
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 8.5
NA
CVE-2022-22473
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system. IBM X-Force ID: 225347.
Ibm Websphere Application Server
535
VMScore
CVE-2022-22476
IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604.
Ibm Websphere Application Server
Ibm Open Liberty
384
VMScore
CVE-2022-22365
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle malicious user to spoof SSL server hostnames. IBM X-Force ID: 220904.
Ibm Websphere Application Server
357
VMScore
CVE-2022-22475
IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 up to and including 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.
Ibm Websphere Application Server
Ibm Open Liberty
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »