EUVD-2018-12481

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM WebSphere Application Server versions may allow remote attackers to spoof connection information.

Reporter	Title	Published	Views	Family All 67
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Digital Business Automation Workflow family products (CVE-2018-1902)	14 Sep 202215:02	–	ibm
IBM Security Bulletins	Security Bulletin: Client certificates can be spoofed in Liberty for Java for IBM Cloud (CVE-2018-1902)	13 May 201921:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Identity Manager Virtual Appliance is affected by multiple vulnerabilities (CVE-2018-1902, CVE-2018-1968, CVE-2019-4046)	2 Jul 201916:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server bundled with IBM WebSphere Application Server Patterns	11 Mar 201912:25	–	ibm
IBM Security Bulletins	Security Bulletin: Spoofing and denial of service vulnerabilities in WebSphere Application Liberty affect IBM Spectrum Protect Snapshot for VMware (CVE-2018-1902, CVE-2019-4046)	1 Feb 202211:37	–	ibm
IBM Security Bulletins	Security Bulletin: Content Collector for Email is affected by a Client certificates can be spoofed in WebSphere Application Server	30 Apr 201916:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server Liberty that affect IBM Spectrum Protect for Workstations Central Administration Console	12 Sep 201923:35	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Access Manager for eBusiness (CVE-2018-1902)	24 Sep 201912:19	–	ibm
IBM Security Bulletins	Security Bulletin: Potential Spoofing vulnerability in WebSphere Application Server (CVE-2018-1902)	3 May 201919:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager (CVE-2018-1902, CVE-2019-4046)	26 Mar 201921:35	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "76237894-ef8c-3b03-87dc-06fcc31d586a",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2bab2576-7387-3bc2-b0ac-e1216d953040",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.5"
      },
      {
        "id": "4a98dbc1-8609-3025-ac12-d07ad1a897cd",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "7.0"
      },
      {
        "id": "8725bf23-4e4a-32d1-bf11-dd9e80b843ba",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "9.0"
      },
      {
        "id": "e60570c3-b36b-3aac-b5e6-4eae3ee63dd3",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/docview.wss
securityfocus	www.securityfocus.com/bid/107383
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/152531
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

4.7Medium risk

Vulners AI Score4.7

CVSS 33.1 - 4.3

CVSS 24

EPSS0.00261