Lucene search
K

13330 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/10/25 9:43 p.m.19 views

Security Bulletin: IBM Robotic Process Automation may be vulnerable to HTTP Header Injections due to IBM WebSphere Application Server Liberty (CVE-2022-34165)

Summary IBM WebSphere Applicaiton Server Liberty is used by IBM Robotic Process Automation as part of OCR, Antivirus, and User Management Services. CVE-2022-34165 Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere...

5.4CVSS5.4AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/24 4:46 p.m.31 views

Security Bulletin: Vulnerabilities have been identified in WebSphere Application Server Liberty shipped with Cloud Pak System (CVE-2022-22393, CVE-2022-22475)

Summary Vulnerabilities have been identified in WebSsphere Application Server Liberty shipped wioth Cloud Pak System. IBM Cloud Pak System ship with optional Single- Sign-On SSO feature. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty have been...

6.5CVSS5.5AI score0.00678EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/21 8:23 p.m.26 views

Security Bulletin: Multiple Security Vulnerabilities in IBM WebSphere Liberty affects IBM Voice Gateway

Summary Multiple security vulnerabilities in IBM WebSphere Liberty affect certain IBM Voice Gateway microservices. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9...

7.5CVSS7AI score0.02114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/21 6:57 a.m.35 views

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server affect IBM Business Automation Workflow (CVE-2022-40674)

Summary WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business...

8.1CVSS9AI score0.01659EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/20 4:39 p.m.36 views

Security Bulletin: IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477)

Summary IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed. Vulnerability Details CVEID:CVE-2022-22477 DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed...

6.1CVSS5.9AI score0.00495EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/20 3:17 p.m.21 views

Security Bulletin: Vulnerability identified in IBM WebSphere Application Server shipped with IBM WebSphere Service Registry and Repository (CVE-2022-38712)

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Service Registry and Repository. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

5.9CVSS5.5AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/20 12:19 p.m.49 views

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from containerd, gnupg2, runc and IBM WebSphere Application Server Liberty

Summary Multiple issues were identified in Red Hat UBIubi8/ubi-minimal v8.6-x packages containerd, gnupg2, runc and IBM WebSphere Application Server Liberty that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details CVEID:CVE-2022-23648 DESCRIPTION...

8.8CVSS7.6AI score0.27392EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/19 9:19 p.m.23 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2022-38712)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

5.9CVSS5.5AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/19 11:40 a.m.68 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM WebSphere Application Server April 2022 CPU that is bundled with IBM WebSphere Application Server Patterns

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. There are multiple vulnerabilities in the IBM SDK Java Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates...

5.3CVSS5.7AI score0.02651EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/19 11:22 a.m.12 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (GKLM) (CVE-2022-35282)

Summary A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Key Lifecycle Manager GKLM. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Principal Product and Versions |...

6.5CVSS5.2AI score0.00304EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/18 3:20 p.m.24 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2022-38712)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

5.9CVSS5.6AI score0.00475EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/18 9:15 a.m.19 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Buinses Automation Workflow (CVE-2022-38712)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

5.9CVSS5.6AI score0.00475EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/18 9:8 a.m.42 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2022-38712)

Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...

5.9CVSS5.5AI score0.00475EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/18 6:46 a.m.31 views

Security Bulletin: The IBM® Engineering Lifecycle Management products recommendation for IBM WebSphere Application Server Liberty vulnerability to Identity Spoofing (CVE-2022-22475)

Summary On applications on IBM WebSphere Application Server Liberty, an authenticated user could use a brute force attack to extract an encryption key from LTPA token and through a series of involved steps could conduct an attack whereby they replace their user name with that of another user in t...

6.5CVSS5.7AI score0.00564EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/17 4:20 p.m.36 views

Security Bulletin: IBM WebSphere Application Server is vulnerable to SOAPAction spoofing (CVE-2022-38712)

Summary IBM WebSphere Application Server is vulnerable to SOAPAction spoofing when processing JAX-WS Web Services requests. This has been addressed. Vulnerability Details CVEID:CVE-2022-38712 DESCRIPTION: IBM WebSphere Application Server Web services could allow a man-in-the-middle attacker to...

5.9CVSS5.6AI score0.00475EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2022/10/17 12:0 a.m.2 views

IBM WebSphere Application Server 安全漏洞

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WebSphere...

5.9CVSS6.1AI score0.00475EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/14 8:44 p.m.18 views

Security Bulletin: A clickjacking vulnerability in WebSphere Application Server Liberty affects IBM InfoSphere Information Server

Summary A clickjacking vulnerability in WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2021-39038 DESCRIPTION: IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through...

5.4CVSS5AI score0.00689EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/14 9:0 a.m.22 views

Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Rational ClearQuest (CVE-2022-34165, CVE-2022-34336, CVE-2022-35282)

Summary IBM WebSphere Application Server WAS is used by the IBM Rational ClearQuest server and web components. Information about security vulnerabilities affecting WAS have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

6.5CVSS6.4AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/13 10:19 p.m.29 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in WebSphere Application Server Liberty

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2022-22476 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity...

8.8CVSS6.8AI score0.00827EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/12 9:11 p.m.35 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2022-35282)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

6.5CVSS5.2AI score0.00304EPSS
Exploits0Affected Software11
Rows per page
Query Builder