13351 matches found

ATTACKERKB
added 2022/10/04 12:0 a.m., 5 views

CVE-2022-22493

IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449...

CVSS 8.8, AI score 6, EPSS 0.00262
Exploits 0, References 3, Affected Software 1
IBM Security Bulletins
added 2022/10/03 12:40 p.m., 21 views

Security Bulletin: CP4D Match 360 is impacted due to vulnerability in IBM WebSphere Application Server Liberty due to Identity Spoofing (CVE-2022-22476)

Summary IBM WebSphere Application Server Liberty is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. IBM Match 360 v4.5.2 and prior, is also vulnerable given that it uses WebSphere Application...

CVSS 8.8, AI score 6.5, EPSS 0.00642
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2022/09/30 6:57 p.m., 15 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to Server-Side Request Forgery (CVE-2022-35282)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to Server-Side Request Forgery CVE-2022-35282 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Product...

CVSS 6.5, AI score 5.2, EPSS 0.00304
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2022/09/30 6:54 p.m., 28 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a Denial of Service due to Neko HTML (CVE-2022-24839)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a Denial of Service due to Neko HTML CVE-2022-24839 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

CVSS 7.5, AI score 7.4, EPSS 0.02114
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2022/09/30 8:43 a.m., 29 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2022-34336)

Summary WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-34336 DESCRIPTION: IBM...

CVSS 5.4, AI score 5.5, EPSS 0.00412
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2022/09/30 8:39 a.m., 84 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2022-34165)

Summary WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed...

CVSS 5.4, AI score 5.9, EPSS 0.00441
Exploits 0, Affected Software 1
Tenable Nessus
added 2022/09/30 12:0 a.m., 49 views

IBM WebSphere Application SSRF (6824179)

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data. Note that Nessus has not tested for this issue but ha...

CVSS 6.5, AI score 5.8, EPSS 0.00304
Exploits 0, References 2
IBM Security Bulletins
added 2022/09/29 3:1 p.m., 23 views

Security Bulletin: Vulnerability identified in IBM WebSphere Application Server shipped with IBM WebSphere Service Registry and Repository (CVE-2022-35282)

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Service Registry and Repository. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...

CVSS 6.5, AI score 5.2, EPSS 0.00304
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2022/09/29 7:14 a.m., 13 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2022-35282)

Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...

CVSS 6.5, AI score 5.1, EPSS 0.00304
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2022/09/29 6:55 a.m., 29 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Automation Workflow and IBM Business Process Manager (CVE-2022-35282)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow and IBM Business Process Manager. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details...

CVSS 6.5, AI score 5.3, EPSS 0.00304
Exploits 0, Affected Software 6
IBM Security Bulletins
added 2022/09/29 3:42 a.m., 18 views

Security Bulletin: WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On is vulnerable to cross-site scripting in the Admin Console (CVE-2022-34336)

Summary IBM Security Access Manager for Enterprise Single Sign-On includes IBM WebSphere Application Server. IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console CVE-2022-34336 Vulnerability Details Refer to the security bulletins listed in the...

CVSS 5.4, AI score 5.5, EPSS 0.00412
Exploits 0, Affected Software 1
NVD
added 2022/09/29 3:15 a.m., 21 views

CVE-2012-2201

IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager...

CVSS 7.5, EPSS 0.01693
Exploits 0, References 1
Prion
added 2022/09/29 3:15 a.m., 26 views

Security feature bypass

IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager...

CVSS 5, AI score 7.1, EPSS 0.01693
Exploits 0, References 1, Affected Software 1
IBM Security Bulletins
added 2022/09/29 12:5 a.m., 27 views

Security Bulletin: Vulnerabilities in IBM Java Runtime and IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments

Summary IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments may be affected by the below IBM Java and IBM WebSphere Application Server Liberty vulnerabilities CVEs. Vulnerability Details CVEID:CVE-2022-22476...

CVSS 8.8, AI score 6.7, EPSS 0.02651
Exploits 0, Affected Software 3
CNNVD
added 2022/09/29 12:0 a.m., 5 views

IBM WebSphere MQ Security Vulnerability

IBM WebSphere MQ is a system from International Business Machines IBM, Inc. A denial-of-service vulnerability exists in IBM WebSphere MQ version 7.1. A remote attacker could use this vulnerability to bypass security configuration settings and cause a denial of service...

CVSS 7.5, AI score 6.6, EPSS 0.01693
Exploits 0, References 3
CNVD
added 2022/09/29 12:0 a.m., 26 views

IBM WebSphere Application Server Code Issue Vulnerability (CNVD-2022-66768)

IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. A code issue vulnerability exists in IBM WebSphere...

CVSS 6.5, AI score 6.3, EPSS 0.00304
Exploits 0, References 1
IBM Security Bulletins
added 2022/09/28 4:48 p.m., 28 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a Denial of Service due to Neko HTML (CVE-2022-24839)

Summary There is a vulnerability in the Neko HTML library used by IBM WebSphere Application Server Liberty with the openid-2.0 feature enabled. This has been addressed. Vulnerability Details CVEID:CVE-2022-24839 DESCRIPTION: Sparkle Motion Nokogiri is vulnerable to a denial of service, caused by ...

CVSS 7.5, AI score 7.3, EPSS 0.02114
Exploits 0, Affected Software 1
OSV
added 2022/09/28 4:15 p.m., 2 views

CVE-2022-35282

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data...

CVSS 6.5, AI score 5.8, EPSS 0.00304
Exploits 0, References 2
NVD
added 2022/09/28 4:15 p.m., 10 views

CVE-2022-35282

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data...

CVSS 6.5, EPSS 0.00304
Exploits 0, References 2
Prion
added 2022/09/28 4:15 p.m., 23 views

Server side request forgery (ssrf)

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data...

CVSS 3.3, AI score 6.2, EPSS 0.00304
Exploits 0, References 2, Affected Software 1