4 matches found
Security Bulletin: Various security issues exist in WebSphere Service Registry and Repository version 8.5
Summary This bulletin describes a variety of noncritical security issues that have been found and fixed in WebSphere Service Registry and Repository version 8.5. Vulnerability Details CVE ID: CVE-2014-6153 DESCRIPTION: WSRR WEBUI ISSUES A COOKIE WHICH IS NOT DECLARED SSL ONLY. CVSS CVSS Base Scor...
IBM WebSphere Service Registry and Repository 8.5 < 8.5.0.1 Multiple Vulnerabilities
The version of IBM WebSphere Service Registry and Repository WSRR is version 8.5 prior to 8.5.0.1. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting XSS vulnerability in the WSRR web UI. CVE-2014-6132 - WSSR web interface issues a cookie that ...
CVE-2014-6160
IBM WebSphere Service Registry and Repository WSRR 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation...
CVE-2014-6160
IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1 is affected by CVE-2014-6160: when using Chrome with WebSEAL, ServiceRegistryDashboardLogout actions are not properly processed, allowing a remote attacker to bypass access restrictions by exploiting an unattended workstation...