Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere application server vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-22393
IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ...
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2022-22310
IBM WebSphere Application Server Liberty 21.0.0.10 up to and including 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224.
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2021-20480
IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 197502.
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2020-5016
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories on the system. When application security is disabled and JAX-RPC applications are present, an attacker could send a specially-crafted URL request containing "d...
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2020-4782
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2020-4590
IBM WebSphere Application Server Liberty 17.0.0.3 up to and including 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. IBM X-Force ID: 184650.
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2020-4466
IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow a remote authenticated attacker could cause a denial of service due to an error within the Queue processing function. IBM X-Force ID: 181563.
Ibm Mq For Hpe Nonstop 8.0.4
Ibm Mq For Hpe Nonstop 8.1.0
6.5
CVSSv3
CVE-2019-4670
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to obtain sensitive information caused by improper data representation. IBM X-Force ID: 171319.
Ibm Websphere Application Server
6.5
CVSSv3
CVE-2019-4732
IBM SDK, Java Technology Edition Version 7.0.0.0 up to and including 7.0.10.55, 7.1.0.0 up to and including 7.1.4.55, and 8.0.0.0 up to and including 8.0.6.0 could allow a local authenticated malicious user to execute arbitrary code on the system, caused by DLL search order hijac...
Ibm Sdk
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
6.5
CVSSv3
CVE-2019-4477
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a user with access to audit logs to obtain sensitive information, caused by improper handling of command line options. IBM X-Force ID: 163997.
Ibm Websphere Application Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »