Lucene search
K

13330 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/10/11 6:8 p.m.48 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Security Directory Server

Summary IBM WebSphere Application Server is shipped with IBM Security Directory Server. Information about security vulnerabilities affecting IBM WebSphere Application Server have been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

6.1CVSS6.5AI score0.00689EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/11 3:53 p.m.17 views

Security Bulletin: Security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Identity Manager

Summary IBM WebSphere Application Server WAS is shipped with IBM Security Identity Manager ISIM. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

6.6AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/11 2:36 a.m.25 views

Security Bulletin: WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On is vulnerable to Server-Side Request Forgery (CVE-2022-35282)

Summary IBM Security Access Manager for Enterprise Single Sign-On includes IBM WebSphere Application Server. IBM WebSphere Application Server is vulnerable to Server-Side Request Forgery CVE-2022-35282 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

6.5CVSS5.3AI score0.00304EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/10 8:25 a.m.22 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server traditional shipped with IBM Intelligent Operations Center (CVE-2022-34336)

Summary IBM WebSphere Application Server traditional is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in...

5.4CVSS5.6AI score0.00412EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/10 8:22 a.m.18 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server traditional shipped with IBM Intelligent Operations Center (CVE-2022-35282)

Summary IBM WebSphere Application Server traditional is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in...

6.5CVSS5.2AI score0.00304EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/10 6:6 a.m.17 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase ( CVE-2022-34165, CVE-2022-35282, CVE-2022-34336 )

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

6.5CVSS6.5AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 6:20 p.m.21 views

Security Bulletin:IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to Server-Side Request Forgery (CVE-2022-35282)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to Server-Side Request Forgery CVE-2022-35282 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products...

6.5CVSS5.2AI score0.00304EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 6:19 p.m.45 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Cloud Edition, is vulnerable to a Denial of Service due to Neko HTML (CVE-2022-24839)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Cloud Edition, is vulnerable to a Denial of Service due to Neko HTML CVE-2022-24839 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

7.5CVSS7.4AI score0.02114EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 6:9 p.m.38 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to Cross-site Scripting (CVE-2022-22477)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to Cross-site Scripting CVE-2022-22477 Vulnerability Details CVEID:CVE-2022-22477 DESCRIPTION: IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This...

6.1CVSS5.9AI score0.00495EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 5:40 p.m.29 views

Security Bulletin: Liberty for Java for IBM Cloud is vulnerable to Identity Spoofing (CVE-2022-22475)

Summary Liberty for Java for IBM Cloud is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Op...

6.5CVSS6.1AI score0.00564EPSS
Exploits0Affected Software1
NVD
NVD
added 2022/10/07 5:15 p.m.12 views

CVE-2022-22493

IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449...

8.8CVSS0.00262EPSS
Exploits0References2
OSV
OSV
added 2022/10/07 5:15 p.m.2 views

CVE-2022-22493

IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449...

8.8CVSS5.7AI score0.00262EPSS
Exploits0References2
Prion
Prion
added 2022/10/07 5:15 p.m.14 views

Cross site request forgery (csrf)

IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449...

6.8CVSS8.2AI score0.00262EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/07 5:0 p.m.15 views

CVE-2022-22493

IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449...

3.5CVSS8.3AI score0.00262EPSS
Exploits0References2
CVE
CVE
added 2022/10/07 5:0 p.m.58 views

CVE-2022-22493

CVE-2022-22493 affects IBM WebSphere Automation for Cloud Pak for Watson AIOps up to version 1.4.2, where cross-site request forgery arises from improper cookie attribute settings. Remediation per IBM bulletin is to upgrade to 1.4.3 or higher; no exploitation details are provided in the connected...

8.8CVSS8.2AI score0.00262EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 4:29 p.m.16 views

Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2022-22365)

Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-22365 DESCRIPTION: IBM WebSphere Application...

5.9CVSS5.4AI score0.00553EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 4:29 p.m.17 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server traditional and Liberty profile shipped with IBM Business Automation Workflow (CVE-2021-2163)

Summary WebSphere Application Server traditional and WebSphere Application Server Liberty profile are shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional and Liberty profile have been publish...

5.3CVSS6.1AI score0.03566EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 4:18 p.m.12 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2022-34165)

Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application...

5.4CVSS5.6AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 4:9 p.m.26 views

Security Bulletin: Liberty for Java for IBM Cloud is vulnerable to HTTP header injection (CVE-2022-34165)

Summary Liberty for Java for IBM Cloud is vulnerable to HTTP header injection when processing web requests. This has been addressed. Vulnerability Details CVEID:CVE-2022-34165 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0....

5.4CVSS5.9AI score0.00441EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/10/07 4:1 p.m.21 views

Security Bulletin: WebSphere Application Server Liberty is vulnerable to Cross-site Scripting that affects Liberty for Java for IBM Cloud (CVE-2020-4303, CVE-2020-4304)

Summary There is a cross-site scripting vulnerability in the OAuth, OpenID Connect and SAML features. This has been addressed. Vulnerability Details CVEID:CVE-2020-4303 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This...

6.1CVSS6AI score0.00797EPSS
Exploits0Affected Software1
Rows per page
Query Builder