EUVD-2019-14049

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM WebSphere Application Server vulnerabilities allow remote attackers to traverse file system directories

Reporter	Title	Published	Views	Family All 40
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase	8 Oct 201919:27	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Netcool Configuration Manager (CVE-2019-4442).	14 Feb 202013:16	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2019-4442), (CVE-2019-4271), (CVE-2019-4268), (CVE-2019-4270), (CVE-2019-4477)	25 Sep 201914:00	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities are identified in the WebSphere Application Server where the Rational Asset Manager is deployed (CVE-2019-4442, CVE-2019-4268, CVE-2019-4270, and CVE-2019-4477)	25 Sep 201908:28	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in WebSphere Application Server affects IBM Rational products based on IBM Jazz technology	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoil Federated Identity Manager	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: A Security Vulnerability Has Been Identified In IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2019-4442)	20 Sep 201905:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server	20 Dec 201908:47	–	ibm
IBM Security Bulletins	A security vulnerability has been identified in WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2019-4442)	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager (CVE-2019-4442).	14 Feb 202013:55	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "46efe667-f1a6-341e-8e55-7b3263ff2ba1",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2ff068ff-c245-30ab-aead-ab881a23c4af",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.5"
      },
      {
        "id": "62c10bf8-7ac1-3a49-8ef5-5e66d3dd3a18",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "8.0"
      },
      {
        "id": "927d2850-6e7d-3491-b98b-770bfb19001d",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "7.0"
      },
      {
        "id": "af6622fb-1fa8-36a3-821c-010902c8139d",
        "product": {
          "name": "WebSphere Application Server"
        },
        "product_version": "9.0"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/959021
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/163226
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

4.8Medium risk

Vulners AI Score4.8

CVSS 34.3

CVSS 24

CVSS 3.14.3

EPSS0.0042