Lucene search
K

12 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.10 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45072)

Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

5.5CVSS6.5AI score0.00439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.18 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is used by IBM Rational ClearQuest (CVE-2024-45072)

Summary IBM WebSphere Application Server WAS is used by IBM Rational ClearQuest server and web components. Information about security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

5.5CVSS6.6AI score0.00439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.19 views

Security Bulletin: Maximo Asset Management- A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-45072)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

5.5CVSS5.7AI score0.00439EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.18 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2024-45072)

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is vulnerable to an XML External Entity Injection XXE in the administrative console. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Version...

5.5CVSS7.2AI score0.00439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.32 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2024-45072)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to an XML External Entity Injection XXE in the administrative console. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

5.5CVSS5.6AI score0.00439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.15 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server traditional is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2024-45072).

Summary The security issue described in CVE-2024-45072 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

5.5CVSS6.5AI score0.00439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.15 views

Security Bulletin: IBM Master Data Management is vulnerable to an XXE attack from a vulnerability found in IBM WebSphere Application Server (CVE-2024-45072)

Summary IBM Master Data Management v11.6, v12.0, and v14.0 are vulnerable to an XXE attack from a vulnerability found in IBM WebSphere Application Server. IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A privileged user coul...

5.5CVSS6.3AI score0.00439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.20 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2024-45072)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about an XML External Entity Injection XXE attack vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to...

5.5CVSS6.6AI score0.00439EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/23 7:8 p.m.27 views

Security Bulletin: IBM WebSphere Application Server is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2024-45072)

Summary IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE in the administrative console. Vulnerability Details CVEID:CVE-2024-45072 DESCRIPTION: IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE attack when processing XML...

5.5CVSS6.4AI score0.00439EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/10/16 5:15 p.m.2 views

CVE-2024-45072

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...

5.5CVSS5.8AI score0.00439EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/16 4:12 p.m.11 views

CVE-2024-45072 IBM WebSphere Application Server XML external entity injection

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...

5.5CVSS6.9AI score0.00439EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/16 4:12 p.m.15 views

CVE-2024-45072 IBM WebSphere Application Server XML external entity injection

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...

5.5CVSS0.00439EPSS
Exploits0References1
Rows per page
Query Builder