Lucene search
K

18 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/08/31 7:46 p.m.67 views

Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server

Summary The following security issues have been identified in the WebSphere Application and IBM HTTP Server included as part of IBM Tivoli Monitoring ITM portal server: CVE-2023-25690, CVE-2023-24966, CVE-2023-24998, CVE-2023-27554, CVE-2022-39161, CVE-2023-32342 and CVE-2023-35890. The remediati...

9.8CVSS8.3AI score0.8377EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/01 7:44 a.m.20 views

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server traditional is vulnerable to an XML External Entity (XXE) Injection vulnerability - CVE-2023-27554

Summary IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. Following IBM® Engineering Lifecycle Engineering product ...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 2:52 p.m.21 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server which is a component of IBM Operations Analytics Predictive Insights

Summary Websphere Application Server WAS is a component of IBM Operations Analytics Predictive Insights. Multiple vulnerabilities in Websphere Application Server WAS 8.5 and 9.0 affect IBM Operations Analytics Predictive Insights 1.3.6 or earlier. Information about the following relevant...

9.1CVSS6.2AI score0.00859EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/18 10:46 p.m.45 views

Security Bulletin: IBM WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability (CVE-2023-27554)

Summary IBM WebSphere Application Server is vulnerable to an XML External Entity XXE Injection vulnerability. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2023-27554 DESCRIPTION: IBM WebSphere Application Server is vulnerable to an XML External Entity...

9.1CVSS7.5AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/30 6:15 a.m.33 views

Security Bulletin: Multiple vulnerabilities for IBM WebSphere Application Server addressed in IBM Security Verify Governance (CVE-2022-39161, CVE-2023-24998, CVE-2023-27554)

Summary Multiple security vulnerabilities for IBM WebSphere Application Server traditional and Liberty have been addressed in IBM Security Verify Governance - Identity Manager Virtual Appliance component. Vulnerability Details CVEID:CVE-2022-39161 DESCRIPTION: IBM WebSphere Application Server 7.0...

9.1CVSS8AI score0.46836EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/28 5:16 p.m.22 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server used by IBM Master Data Management

Summary IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249185. Vulnerability Details...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 3:45 a.m.19 views

Security Bulletin: IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On is vulnerable to an XML External Entity (XXE) Injection vulnerability (CVE-2023-27554)

Summary Security Bulletin: IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On is vulnerable to an XML External Entity XXE Injection vulnerability CVE-2023-27554. This has been addressed in the remediation section below. Vulnerability Details...

9.1CVSS7.7AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/30 6:9 a.m.21 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server traditional shipped with IBM Intelligent Operations Center(CVE-2023-27554)

Summary IBM WebSphere Application Server traditional is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in...

9.1CVSS7.7AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/26 9:0 p.m.21 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2023-27554)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/24 12:10 p.m.35 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server used by IBM Rational ClearQuest (CVE-2023-27554)

Summary IBM WebSphere Application Server WAS is used by the IBM Rational ClearQuest server and web components. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 7:13 a.m.19 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2023-27554)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/17 4:54 a.m.29 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2023-27554)

Summary WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/15 9:9 a.m.28 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2023-27554)

Summary IBM WebSphere Application Server is shipped as a component of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixe...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/11 7:25 p.m.4 views

CVE-2023-27554 IBM WebSphere Application Server XML external entity injection

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249185...

6.3CVSS6.4AI score0.00859EPSS
Exploits0References2
CVE
CVE
added 2023/05/11 7:25 p.m.94 views

CVE-2023-27554

IBM WebSphere Application Server (traditional) versions 8.5 and 9.0 are affected by an XML External Entity (XXE) Injection vulnerability when processing XML data. A remote attacker could exploit this to expose sensitive information or exhaust memory resources. remediation centers on applying IBM ...

9.1CVSS7.6AI score0.00859EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/11 4:58 p.m.11 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to an XML External Entity (XXE) Injection vulnerability (CVE-2023-27554)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is vulnerable to an XML External Entity XXE Injection vulnerability CVE-2023-27554 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/11 4:57 p.m.31 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to an XML External Entity (XXE) Injection vulnerability (CVE-2023-27554)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to an XML External Entity XXE Injection vulnerability CVE-2023-27554 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/11 4:24 p.m.20 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2023-27554)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

9.1CVSS7.6AI score0.00859EPSS
Exploits0Affected Software11
Rows per page
Query Builder