EUVD-2019-13875

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM WebSphere Application Server versions 7.0 to 9.0 may allow remote directory traversal attacks.

Reporter	Title	Published	Views	Family All 39
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase	8 Oct 201919:27	–	ibm
IBM Security Bulletins	Security Bulletin: A Security Vulnerability Has Been Identified In WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager (CVE-2019-4268)	28 Jan 202018:58	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Intelligent Operations Center (CVE-2019-4268)	18 Sep 201914:16	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2019-4442), (CVE-2019-4271), (CVE-2019-4268), (CVE-2019-4270), (CVE-2019-4477)	25 Sep 201914:00	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities are identified in the WebSphere Application Server where the Rational Asset Manager is deployed (CVE-2019-4442, CVE-2019-4268, CVE-2019-4270, and CVE-2019-4477)	25 Sep 201908:28	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in WebSphere Application Server affects IBM Rational products based on IBM Jazz technology	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in WebSphere Application Server bundled with Cloud Pak System and supporting products	6 May 202011:57	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2019-4442, CVE-2019-4271, CVE-2019-4268, CVE-2019-4270 and CVE-2019-4477)	24 Sep 201916:24	–	ibm
IBM Security Bulletins	Security Bulletin: File traversal vulnerability in WebSphere Application Server Admin Console which is shipped with Jazz for Service Management (CVE-2019-4268)	28 Feb 202003:18	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "8d4cc316-00ea-33e5-ba1c-120e2366c86c",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "39397604-24a6-3514-b39f-6955bf2c9e7b",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "9.0"
      },
      {
        "id": "a081e049-74ae-3182-9a62-ffe7ca4b0c4e",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.5"
      },
      {
        "id": "e923cf20-78b2-3a5c-93c9-c21f93e4bc20",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.0"
      },
      {
        "id": "fa561177-dcad-307a-a477-bc3e0288bd3b",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "7.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/884030
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/160201
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.6Medium risk

Vulners AI Score5.6

CVSS 35.3

CVSS 25

CVSS 3.15.3

EPSS0.00424