CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 2019/10/01 5:5 a.m.•19 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights (CVE-2019-4442)

Summary Websphere Application Server WAS is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Path traversal...

4.3CVSS1.2AI score0.0042EPSS

NVD•added 2019/09/30 4:15 p.m.•9 views

CVE-2019-4112

IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158105...

4CVSS3.4AI score0.00046EPSS

NVD•added 2019/09/30 4:15 p.m.•8 views

CVE-2019-4106

IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

4.8CVSS4.8AI score0.00179EPSS

NVD•added 2019/09/30 4:15 p.m.•9 views

CVE-2019-4109

IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...

6.1CVSS6.2AI score0.00181EPSS

OSV•added 2019/09/30 4:15 p.m.•0 views

CVE-2019-4109

6.1CVSS6.4AI score

OSV•added 2019/09/30 4:15 p.m.•1 views

CVE-2019-4106

4.8CVSS5.5AI score

OSV•added 2019/09/30 4:15 p.m.•1 views

CVE-2019-4112

IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158105...

3.3CVSS5.9AI score0.00046EPSS

Prion•added 2019/09/30 4:15 p.m.•8 views

Design/Logic Flaw

5.8CVSS6.1AI score0.00181EPSS

Prion•added 2019/09/30 4:15 p.m.•9 views

Code injection

IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158105...

2.1CVSS3.3AI score0.00046EPSS

Cvelist•added 2019/09/30 3:20 p.m.•13 views

CVE-2019-4112

IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158105...

4CVSS3.3AI score0.00046EPSS

CVE•added 2019/09/30 3:20 p.m.•53 views

CVE-2019-4112

CVE-2019-4112 affects IBM WebSphere eXtreme Scale 8.6 Admin Console. Root cause: the Admin Console stores web pages locally, enabling another user on the system to read them, leading to information disclosure. Public evidence from CNVD/NVD and IBM security bulletin corroborates the Admin Console ...

4CVSS3.9AI score0.00046EPSS

CVE•added 2019/09/30 3:20 p.m.•47 views

CVE-2019-4106

IBM WebSphere eXtreme Scale Admin Console (version 8.6) is vulnerable to cross-site scripting in the Admin Console UI, enabling an attacker to inject arbitrary JavaScript and potentially disclose credentials within a trusted session. The issue is identified as CVE-2019-4106. According to IBM’s bu...

4.8CVSS5.1AI score0.00179EPSS

Cvelist•added 2019/09/30 3:20 p.m.•17 views

CVE-2019-4109

6.1CVSS6.1AI score0.00181EPSS

Cvelist•added 2019/09/30 3:20 p.m.•11 views

CVE-2019-4106

4.8CVSS4.8AI score0.00179EPSS

CVE•added 2019/09/30 3:20 p.m.•45 views

CVE-2019-4109

CVE-2019-4109 affects IBM WebSphere eXtreme Scale Admin Console (8.6). The Admin Console could allow a remote attacker to hijack a victim’s click actions by convincing the user to visit a malicious site, potentially enabling further attacks. Public sources corroborate this as a clickjacking/inter...

6.1CVSS6.1AI score0.00181EPSS

Positive Technologies•added 2019/09/30 12:0 a.m.•2 views

PT-2019-16901 · Ibm · Ibm Websphere Extreme Scale

Name of the Vulnerable Software and Affected Versions: IBM WebSphere eXtreme Scale version 8.6 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trusted session...

4.8CVSS5.4AI score0.00179EPSS

Exploits0References3

IBM Security Bulletins•added 2019/09/25 6:39 p.m.•23 views

Security Bulletin: Multiple vulnerabilities in IBM WebSphere eXtreme Scale Liberty Deployment could expose sensitive information(CVE-2019-4106, CVE-2019-4109, CVE-2019-4112, CVE-2019-4115)

Summary Multiple vulnerabilities in IBM WebSphere eXtreme Scale Client could expose sensitive information. Vulnerability Details CVEID: CVE-2019-4106 DESCRIPTION: IBM WebSphere Extreme Scale Admin Console is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

6.1CVSS0.7AI score0.00181EPSS

IBM Security Bulletins•added 2019/09/25 2:35 p.m.•14 views

Security Bulletin: A Security Vulnerability has been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2019-4270)

Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about a security vulnerability affecting Websphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin:...

5.4CVSS2.1AI score0.00174EPSS

OSV•added 2019/09/17 7:15 p.m.•0 views

CVE-2019-4270

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS6AI score0.00174EPSS