Lucene search
K

13330 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/11/16 9:7 p.m.24 views

Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Rational ClearQuest (CVE-2022-38712, CVE-2022-40750)

Summary IBM WebSphere Application Server WAS is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting WAS have been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-38712 DESCRIPTION: IBM WebSphere Application...

5.9CVSS6.3AI score0.00475EPSS
Exploits0Affected Software1
NCSC
NCSC
added 2022/11/15 12:0 a.m.3 views

Vulnerabilities fixed in IBM WebSphere Application Server

Vulnerabilities have been fixed in IBM HTTP Server, part of IBM WebSphere Application Server. The vulnerabilities are specifically in the libexpat component of the product. For more information about the vulnerability in libexpat, see: https://www.ncsc.nl/actueel/advisory?id=NCSC-2022-0684 The...

7.5CVSS7.8AI score0.19433EPSS
Exploits3
NVD
NVD
added 2022/11/11 7:15 p.m.10 views

CVE-2022-40750

IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS0.00371EPSS
Exploits0References2
OSV
OSV
added 2022/11/11 7:15 p.m.2 views

CVE-2022-40750

IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.1AI score0.00371EPSS
Exploits0References2
Prion
Prion
added 2022/11/11 7:15 p.m.18 views

Cross site scripting

IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

4.9CVSS5.3AI score0.00371EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/11/11 6:21 p.m.18 views

CVE-2022-40750 IBM WebSphere Application Server cross-site scripting

IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.4AI score0.00371EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/11 6:21 p.m.2 views

CVE-2022-40750 IBM WebSphere Application Server cross-site scripting

IBM WebSphere Application Server 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS6.2AI score0.00371EPSS
Exploits0References2
CVE
CVE
added 2022/11/11 6:21 p.m.71 views

CVE-2022-40750

CVE-2022-40750 affects IBM WebSphere Application Server (WAS) 7.0, 8.0, 8.5 and 9.0, with cross-site scripting in the Admin Console (notably via the Application Migration Report function). The vulnerability enables an attacker to inject arbitrary JavaScript into the Web UI, potentially leading to...

5.4CVSS5.2AI score0.00371EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/11 12:0 a.m.2 views

PT-2022-25510 · Ibm · Ibm Websphere Application Server

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 8.5 through 9.0 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a...

5.4CVSS5.7AI score0.00371EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 2:43 p.m.13 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM InfoSphere Master Data Management is affected by IBM WebSphere Application Server which is vulnerable to SOAPAction spoofing when processing JAX-WS Web Services requests Vulnerability Details CVEID:CVE-2022-38712 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web...

5.9CVSS5.8AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 2:27 p.m.22 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM InfoSphere Master Data Management is affected by vulnerbility in IBM WebSphere Application Server to a server-side request forgery vulnerability. This has been addressed. Vulnerability Details CVEID:CVE-2022-35282 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is...

6.5CVSS5AI score0.00304EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 1:56 p.m.19 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM InfoSphere Master Data Management is affected by IBM WebSphere Application Server vulnerability to cross-site scripting in the Admin Console. This has been addressed. Vulnerability Details CVEID:CVE-2022-34336 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is...

5.4CVSS5.4AI score0.00412EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 12:57 p.m.26 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM InfoSphere Master Data Management is affected by IBM WebSphere Application Server vulnerability to HTTP header injection when processing web requests. This has been addressed. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9...

5.4CVSS5.6AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/09 3:11 a.m.22 views

Security Bulletin: WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On is vulnerable to cross-site scripting in the Admin Console (CVE-2022-40750)

Summary IBM Security Access Manager for Enterprise Single Sign-On includes IBM WebSphere Application Server. IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console CVE-2022-40750 Vulnerability Details Refer to the security bulletins listed in the...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/08 1:15 p.m.39 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server traditional shipped with IBM Intelligent Operations Center (CVE-2022-38712)

Summary IBM WebSphere Application Server traditional is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in...

5.9CVSS5.6AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/08 12:31 p.m.26 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli System Automation Application Manager (CVE-2022-22477)

Summary A cross site scripting vulnerability in the admin console affecting the WebSphere Application Server has been addressed in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products|...

6.1CVSS6.1AI score0.00495EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/08 9:6 a.m.18 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase ( CVE-2022-40750,CVE-2022-38712 )

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details CVEID:CVE-2022-40750 DESCRIPTION: IBM WebSphere Application Server is...

5.9CVSS6.2AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/08 2:39 a.m.15 views

Security Bulletin: WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On is vulnerable to SOAPAction spoofing (CVE-2022-38712)

Summary IBM Security Access Manager for Enterprise Single Sign-On includes IBM WebSphere Application Server. IBM WebSphere Application Server is vulnerable to SOAPAction spoofing CVE-2022-38712 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

5.9CVSS4.9AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/07 8:11 a.m.28 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2022-40750)

Summary WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 11:6 a.m.39 views

Security Bulletin: An identity spoofing vulnerability in IBM WebSphere Application Server Liberty (CVE-2022-22476) affects CICS Transaction Gateway

Summary An identity spoofing vulnerability exists in IBM WebSphere Application Server Liberty used by CICS Transaction Gateway. CICS Transaction Gateway has addressed the vulnerability CVE-2022-22476 Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty...

8.8CVSS6.4AI score0.00642EPSS
Exploits0Affected Software1
Rows per page
Query Builder