EUVD-2019-13878

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM WebSphere Application Server has a client-side HTTP parameter pollution vulnerability.

Reporter	Title	Published	Views	Family All 31
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase	8 Oct 201919:27	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2019-4442), (CVE-2019-4271), (CVE-2019-4268), (CVE-2019-4270), (CVE-2019-4477)	25 Sep 201914:00	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in WebSphere Application Server affects IBM Rational products based on IBM Jazz technology	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2019-4271)	17 Sep 201914:12	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2019-4271)	15 Nov 201910:31	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with OpenPages GRC Platform (CVE-2019-4271)	8 Oct 201922:23	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2019-4442, CVE-2019-4271, CVE-2019-4268, CVE-2019-4270 and CVE-2019-4477)	24 Sep 201916:24	–	ibm
IBM Security Bulletins	Security Bulletin: A Security Vulnerability Has Been Identified In WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager (CVE-2019-4271)	28 Jan 202020:50	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Intelligent Operations Center (CVE-2019-4271)	18 Sep 201917:15	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2019-4271)	20 Mar 202012:10	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "c52d992d-4d94-34f7-8a62-336118db2ab4",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1b7524cc-cec0-3650-af4d-e98946409d51",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.5"
      },
      {
        "id": "9db68d07-394c-384a-b4fc-92f7c8a06356",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "7.0"
      },
      {
        "id": "d6be68b6-baff-310a-8ce4-4c1e97e19055",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "9.0"
      },
      {
        "id": "dcfaf844-d66d-36a3-873c-7fbbff5ada2b",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/884040
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/160243
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

4.6Medium risk

Vulners AI Score4.6

CVSS 33.5

CVSS 3.13.5

CVSS 23.5

EPSS0.00174