CVE-2023-50314

CVE-2023-50314 impacts IBM WebSphere Application Server Liberty versions 17.0.0.3 through 24.0.0.8. The IBM bulletin notes an attacker with network access could perform spoofing and obtain sensitive information by exploiting improper certificate validation using a certificate from a trusted CA. A...

CVE-2023-50315

IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274714...

CVE-2023-50315

IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274714...

CVE-2023-50315 IBM WebSphere Application Server information disclosure

IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274714...

CVE-2023-50315 IBM WebSphere Application Server information disclosure

IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274714...

CVE-2023-50315

CVE-2023-50315 affects IBM WebSphere Application Server 8.5 and 9.0. The provided documents describe an information disclosure risk via spoofing attacks where an attacker with network access could leverage a certificate from a trusted authority to obtain sensitive data. The issue is tied to impro...

Security Bulletin: IBM WebSphere Application Server is vulnerable to an information disclosure (CVE-2023-50315)

Summary IBM WebSphere Application Server is vulnerable to an information disclosure. Vulnerability Details CVEID:CVE-2023-50315 DESCRIPTION: IBM WebSphere Application Server could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerabilit...

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to information disclosure (CVE-2023-50314)

Summary IBM WebSphere Application Server Liberty is vulnerable to information disclosure. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM WebSphere Application Server Liberty could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to July 2024 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...

IBM WebSphere Application Server Liberty 安全漏洞

IBM WebSphere Application Server Liberty is a Java application server from International Business Machines IBM built on top of the Open Liberty project. A security vulnerability exists in IBM WebSphere Application Server Liberty versions 17.0.0.3 through 24.0.0.8, which originates from a...

IBM WebSphere Application Server 信任管理问题漏洞

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A trust management issue vulnerability exists in IBM...

PT-2024-13901 · Ibm · Ibm Websphere Application Server

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 8.5 through 9.0 Description: The issue allows an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this using a certificate issued by a trusted authority to...

Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities

Summary There are vulnerabilities in IBM Websphere Application Liberty and Open-Source Software OSS components consumed by IBM Cognos Dashboards on Cloud Pak which have been resolved by upgrading or removing the vulnerable libraries. Please refer to the Related Information section below for...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Liberty Profile affects IBM Robotic Process Automation and may result in a denial of service ( CVE-2024-25026, CVE-2024-27268)

Summary Multiple vulnerabilities in IBM WebSphere Liberty Profile affects IBM Robotic Process Automation and may result in a denial of service. IBM WebSphere Liberty is used by IBM Robotic Process Automation for as part of Abbyy and Antivirus containers and UMS. This bulletin identifies the...

Security Bulletin: IBM Maximo Application Suite uses IBM WebSphere Application Server Liberty 24.0.0.4 which is vulnerable to CVE-2023-50312 and CVE-2024-25026

Summary IBM Maximo Application Suite uses IBM WebSphere Application Server Liberty 24.0.0.4 which is vulnerable to CVE-2023-50312 and CVE-2024-25026. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-50312 DESCRIPTION: IBM WebSphe...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Liberty impact IBM License Key Server Administration and Reporting Tool and IBM LKS Administration Agent.

Summary Multiple vulnerabilities in IBM WebSphere Liberty impact IBM License Key Server Administration and Reporting Tool and IBM LKS Administration Agent. Vulnerability Details CVEID:CVE-2024-25026 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Libert...

Security Bulletin: IBM Master Data Management vulnerable to remote code execution from vulnerability in IBM WebSphere Application Server (CVE-2024-35154)

Summary IBM Master Data Management version 11.6 and 12.0 is impacted by vulnerability in WebSphere Application Server. IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to execute arbitrary code. Usin...

Security Bulletin: Maximo Application Suite - IBM WebSphere Application Server Liberty is vulnerable to CVE-2024-27268 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is vulnerable to CVE-2024-27268. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-27268 DESCRIPTION: IBM WebSphere Application...

Security Bulletin: Maximo Application Suite - IBM WebSphere Application Server Liberty is vulnerable to CVE-2024-22354 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which is vulnerable to CVE-2024-22354. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-22354 DESCRIPTION: IBM WebSphere Application...

Security Bulletin: Maximo Application Suite - IBM WebSphere Application Server Liberty is vulnerable to CVE-2023-51775 a denial of service due to jose4j

Summary IBM Maximo Application Suite - Monitor Component uses jose4j which is vulnerable to CVE-2023-51775. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-51775 DESCRIPTION: jose4j is vulnerable to a denial of service, caused by...