Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server 9.0 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-1503
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the m...
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
5.9
CVSSv3
CVE-2022-38712
"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle malicious user to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762."
Ibm Websphere Application Server
5.9
CVSSv3
CVE-2022-22365
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle malicious user to spoof SSL server hostnames. IBM X-Force ID: 220904.
Ibm Websphere Application Server
5.9
CVSSv3
CVE-2018-1719
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security under certain conditions. This could result in a downgrade of TLS protocol. A remote attacker could exploit this vulnerability to perform man-in-the-middle attacks. IBM X-Force ID: 147292.
Ibm Websphere Application Server
5.9
CVSSv3
CVE-2017-1501
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings. IBM X-Force ID: 129576.
Ibm Websphere Application Server 9.0.0.4
Ibm Websphere Application Server 8.5.5.11
Ibm Websphere Application Server 8.5.5.10
Ibm Websphere Application Server 8.0.0.0
Ibm Websphere Application Server 8.0.0.1
Ibm Websphere Application Server 8.0.0.6
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 8.0.0.8
Ibm Websphere Application Server 8.0.0.9
Ibm Websphere Application Server 9.0.0.0
Ibm Websphere Application Server 9.0.0.2
Ibm Websphere Application Server 8.0.0.2
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0.0.11
Ibm Websphere Application Server 8.0.0.13
Ibm Websphere Application Server 9.0.0.1
Ibm Websphere Application Server 9.0.0.3
Ibm Websphere Application Server 8.0.0.3
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.10
Ibm Websphere Application Server 8.0.0.12
5.5
CVSSv3
CVE-2023-35890
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused by the improper encoding in a local configuration file. IBM X-Force ID: 258637.
Ibm Websphere Application Server 9.0.5.16
Ibm Websphere Application Server 9.0.5.15
Ibm Websphere Application Server 8.5.5.23
5.5
CVSSv3
CVE-2018-1797
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using Enterprise bundle Archives (EBA) could allow a local malicious user to traverse directories on the system. By persuading a victim to extract a specially-crafted ZIP archive containing "dot dot slash" sequence...
Ibm Websphere Application Server
5.4
CVSSv3
CVE-2023-26283
IBM WebSphere Application Server 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...
Ibm Websphere Application Server 9.0
5.4
CVSSv3
CVE-2022-40750
IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. I...
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
5.4
CVSSv3
CVE-2022-34336
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...
Ibm Websphere Application Server 9.0
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »