Lucene search
K

13330 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 7:19 a.m.11 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2022-38712)

Summary WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed...

5.9CVSS5.5AI score0.00475EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/11/03 8:15 p.m.2 views

CVE-2022-38712

"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762."...

5.9CVSS5.8AI score0.00475EPSS
Exploits0References1
NVD
NVD
added 2022/11/03 8:15 p.m.12 views

CVE-2022-38712

"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762."...

5.9CVSS0.00475EPSS
Exploits0References1
Prion
Prion
added 2022/11/03 8:15 p.m.13 views

Spoofing

"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762."...

2.6CVSS5.7AI score0.00475EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 6:40 p.m.27 views

Security Bulletin: Vulnerability identified in IBM WebSphere Application Server shipped with IBM WebSphere Service Registry and Repository (CVE-2022-40750)

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Service Registry and Repository. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 3:38 p.m.24 views

Security Bulletin: IBM WebSphere Application Server, which is bundled in IBM WebSphere Hybrid Edition, is vulnerable to SOAPAction spoofing (CVE-2022-38712)

Summary IBM WebSphere Application Server, which is bundled in IBM WebSphere Hybrid Edition, is vulnerable to SOAPAction spoofing CVE-2022-38712 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...

5.9CVSS5.5AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 3:14 p.m.11 views

Security Bulletin: IBM WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, is vulnerable to SOAPAction spoofing (CVE-2022-38712)

Summary IBM WebSphere Application Server, which is bundled in IBM Cloud Pak for Applications, is vulnerable to SOAPAction spoofing CVE-2022-38712 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and...

5.9CVSS5.6AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 1:37 p.m.28 views

Security Bulletin: The IBM® Engineering Lifecycle Management products recommendation for Denial of Service due to Neko HTML in WebSphere Application Server Liberty (CVE-2022-24839)

Summary The IBM® Engineering Lifecycle Management products on WebSphere Application Server Liberty versions 17.0.0.3 - 22.0.0.10, vulnerbale to Denial of Service due to Neko HTML CVE-2022-24839. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

7.5CVSS7.3AI score0.02114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 12:47 p.m.46 views

Security Bulletin: IBM MQ is affected by a denial of service issue in IBM WebSphere Application Server Liberty (CVE-2022-24839)

Summary An issue was identified in IBM WebSphere Application Server Liberty, which IBM MQ ships and uses to supply IBM MQ Console and IBM MQ REST API functionality. Vulnerability Details CVEID:CVE-2022-24839 DESCRIPTION: Sparkle Motion Nokogiri is vulnerable to a denial of service, caused by a...

7.5CVSS7.3AI score0.02114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 8:46 a.m.28 views

Security Bulletin: IBM Security Verify Governance is vulnerable to identity spoofing due to use of IBM WebSphere Application Server Liberty (CVE-2022-22476)

Summary IBM Security Verify Governance uses IBM WebSphere Application Server Liberty which is vulnerable to identity spoofing by an authenticated user using a specially crafted request CVE-2022-22476. The fix includes upgrading IBM WebSphere Application Server Liberty with the security patch...

8.8CVSS6.5AI score0.00642EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/03 12:0 a.m.4 views

CVE-2022-38712

"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762."...

6.7AI score0.00475EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/03 12:0 a.m.1 views

PT-2022-24543 · Ibm · Ibm Websphere Application Server

Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 7.0 through 9.0 Description: The issue allows a man-in-the-middle attacker to conduct SOAPAction spoofing, potentially executing unwanted or unauthorized operations. Recommendations: For versions 7.0...

5.9CVSS5.6AI score0.00475EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/11/03 12:0 a.m.19 views

CVE-2022-38712

"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762."...

5.7AI score0.00475EPSS
Exploits0References1
CVE
CVE
added 2022/11/03 12:0 a.m.92 views

CVE-2022-38712

CVE-2022-38712 affects IBM WebSphere Application Server 7.0–9.0 Web services, where a MITM attacker could spoof SOAPAction on JAX-WS web services to execute unwanted or unauthorized operations. The known base score is 5.9 (I:H, A:N) with network attack vector and no user interaction. IBM product ...

5.9CVSS5.5AI score0.00475EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 8:25 p.m.39 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled in IBM Cloud Pak for Applications, is vulnerable to denial of service due to GraphQL Java (CVE-2022-37734)

Summary IBM WebSphere Application Server Liberty, which is bundled in IBM Cloud Pak for Applications, is vulnerable to denial of service due to GraphQL Java CVE-2022-37734 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

7.5CVSS7.3AI score0.02121EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 8:24 p.m.43 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to denial of service due to GraphQL Java (CVE-2022-37734)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to denial of service due to GraphQL Java CVE-2022-37734 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

7.5CVSS7.3AI score0.02121EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 6:43 p.m.31 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2022-40750)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

5.4CVSS5.5AI score0.00371EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 6:7 p.m.63 views

Security Bulletin: Vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Buinses Process Manager Enterprise Service Bus (July 2022 CPU plus deferred CVE-2021-2163)

Summary WebSphere Application Server is shipped as a component of IBM Business Process Manager Enterprise Serivce Bus. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the...

5.3CVSS6.1AI score0.03566EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 5:59 p.m.30 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2022-40750)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/02 4:39 p.m.16 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2022-40750)

Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...

5.4CVSS5.4AI score0.00371EPSS
Exploits0Affected Software1
Rows per page
Query Builder