2 matches found
IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF15 Multiple Vulnerabilities
The version of IBM WebSphere Portal installed on the remote host is 8.0.0.x prior to 8.0.0.1 CF15. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in 'Apache Commons HttpClient' that allows a man-in-the-middle attacker to spoof SSL servers via a certificate with a subject...
CVE-2014-4814
CVE-2014-4814 affects IBM WebSphere Portal versions 6.1.0 (through 6.1.0.6 CF27), 6.1.5 (through 6.1.5.3 CF27), 7.0 (through 7.0.0.2 CF28), 8.0 (through 8.0.0.1 CF14), and 8.5.0 before CF03. The issue is failure to properly detect recursion during entity expansion in XML, allowing remote authenti...