IBM WebSphere Application Server and IBM WebSphere Application Server Liberty XML External Entity Injection Vulnerability

IBM WebSphere Application Server WAS and IBM WebSphere Application Server Liberty are both products of International Business Machines IBM.IBM WebSphere Application Server is an application server IBM WebSphere Application Server is an application server product. The product is a platform for...

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty Server-Side Request Forgery Vulnerability

IBM WebSphere Application Server WAS and IBM WebSphere Application Server Liberty are both products of International Business Machines IBM.IBM WebSphere Application Server is an application server IBM WebSphere Application Server is an application server product. The product is a platform for...

IBM WebSphere Application Server 和 IBM WebSphere Application Server Liberty 代码问题漏洞

IBM WebSphere Application Server WAS and IBM WebSphere Application Server Liberty are both products of International Business Machines IBM.IBM WebSphere Application Server is an application server IBM WebSphere Application Server is an application server product. The product is a platform for...

Vulnerabilities fixed in IBM Websphere Application Server

Vulnerabilities have been fixed in IBM WebSphere Application Server and IBM WebSphere Application Server Liberty.The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Server Side Request Forgery SSRF. Access to sensitive data IBM has releas...

CVE-2024-3367

Argument injection in webspheremq agent plugin in Checkmk 2.0.0, 2.1.0, 2.2.0p26 and 2.3.0b5 allows local attacker to inject one argument to runmqsc...

CVE-2024-3367

Argument injection in webspheremq agent plugin in Checkmk 2.0.0, 2.1.0, 2.2.0p26 and 2.3.0b5 allows local attacker to inject one argument to runmqsc...

UBUNTU-CVE-2024-3367

Argument injection in webspheremq agent plugin in Checkmk 2.0.0, 2.1.0, 2.2.0p26 and 2.3.0b5 allows local attacker to inject one argument to runmqsc...

CVE-2024-3367

Affected product: Checkmk with websphere_mq agent plugin. Vulnerable versions: Checkmk 2.0.0, 2.1.0, and any 2.2.0p26 and 2.3.0b5-era builds (i.e., <2.2.0p26 and

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2023-51775)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2023-50313)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

PT-2024-10052 · Ibm · Ibm Websphere Application Server +1

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 8.5, 9.0 IBM WebSphere Application Server Liberty versions 17.0.0.3 through 24.0.0.5 Description: The issue is related to incorrect restriction of XML links to external objects, which can be exploited...

PT-2024-25427 · Ibm · Websphere Mq

Name of the Vulnerable Software and Affected Versions: Checkmk versions 2.0.0 through 2.1.0 Checkmk versions prior to 2.2.0p26 Checkmk versions prior to 2.3.0b5 Description: The issue allows a local attacker to inject an argument to runmqsc, potentially due to an untrusted data vulnerability in t...

IBM WebSphere Application Server 8.5.x < 8.5.5.26 / 9.x < 9.0.5.20 / Liberty 17.0.0.3 < 24.0.0.4 (7148380)

The version of IBM WebSphere Application Server running on the remote host is affected by a vulnerability as referenced in the 7148380 advisory. - IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request...

IBM WebSphere Application Server 8.5.x < 8.5.5.26 / 9.x < 9.0.5.20 / Liberty 17.0.0.3 < 24.0.0.6 (7148426)

The version of IBM WebSphere Application Server running on the remote host is affected by a vulnerability as referenced in the 7148426 advisory. - IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.5 are vulnerable to an XML External...

PT-2024-19342 · Ibm · Ibm Websphere Application Server +1

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 8.5, 9.0 IBM WebSphere Application Server Liberty versions 17.0.0.3 through 24.0.0.3 Description: The issue is related to server-side request forgery SSRF. By sending a specially crafted request, an...

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to a denial of service due to jose4j (CVE-2023-51775)

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is vulnerable to a denial of service due to jose4j. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability...

Security Bulletin: IBM Sterling B2B Integrator B2B API is affected by improper resource expiration handling due to IBM WebSphere Application Server Liberty (CVE-2023-46158)

Summary IBM Sterling B2B Integrator uses IBM WebSphere Application Server Liberty. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-46158 DESCRIPTION: IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide...

Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are vulnerable to a denial of service due to jose4j (CVE-2023-51775)

Summary There is a vulnerability in the jose4j library used by IBM WebSphere Application Server traditional and used by the IBM WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are vulnerable to a denial of service due to jose4j (CVE-2023-51775)

Summary There is a vulnerability in the jose4j library used by IBM WebSphere Application Server traditional and used by the IBM WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications. Vulnerability Details Refer to the security bulletins listed in the...

Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2023-38709, CVE-2024-24795)

Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...