IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 SSRF (CVE-2019-17566)

The IBM WebSphere Application Server running on the remote host is version 8.0.0.0 through 8.0.0.15, 8.5.0.x prior to 8.5.5.18, or 9.0.x prior to 9.0.5.5. It is, therefore, affected by a server-side request forgery vulnerability due to improper input validation by the xlink:href attributes. An...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 Information Disclosure (CVE-2012-5783)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through 8.0.0.15, 8.5.0.x prior to 8.5.5.14 or 9.0.x prior to 9.0.0.8. It is, therefore, affected by an information disclosure vulnerability in the Apache Commons HttpClient subcomponent d...

IBM MQ 7.1.x / 7.5.x / 8.0.0.x < 8.0.0.15 / 9.0.0.x < 9.0.0.10 / 9.1.0.x < 9.1.0.5 LTS / 9.1.x < 9.1.5 CD Denial of Service Vulnerability (DoS)

According to its self-reported version, the IBM MQ server installed on the remote host is 8.0.0.x prior to 8.0.0.14 or 9.1.0.x prior to 9.1.0.5 LTS or 9.1.5 CD and is therefore affected by a denial of service vulnerability. An authenticated, remote attacker can exploit this issue and cause an err...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.3 Command Execution (CVE-2020-4163)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.0.x prior to 8.5.5.17, or 9.0.x prior to 9.0.5.3. It is, therefore, affected by a command execution vulnerability. An authenticated, remote attacker can exploit this ...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server that is shipped with IBM Rational ClearQuest (CVE-2017-1194)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 / Liberty < 19.0.0.11 Information Disclosure (CVE-2019-4441)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.0.x prior to 8.5.5.17, or 9.0.x prior to 9.0.5.2, or Liberty prior to 19.0.0.11. It is, therefore, affected by an information disclosure vulnerability. An...

IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Directory Traversal Vulnerability

The IBM WebSphere Application Server running on the remote host is version 7.0.x, 8.0.0.x, 8.5.0.x prior to 8.5.5.17, or 9.0.0.x prior to 9.0.5.2. It is therefore, affected by a directory traversal vulnerability in the Admin Console. A authenticated, remote attacker can exploit this by sending a...

IBM WebSphere Application Server 7.0.x / 8.0.0.x / 8.5.x < 8.5.5.17 / 9.0.0.x < 9.0.5.2 Information Disclosure (CVE-2019-4477)

The IBM WebSphere Application Server running on the remote host is version 7.0.x, 8.0.0.x, 8.5.0.x prior to 8.5.5.17, or 9.0.0.x prior to 9.0.5.2. It is, therefore, affected by an information disclosure vulnerability. An authenticated remote attacker can exploit this by leveraging improper handli...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.16 / 9.0.0.x < 9.0.0.11 Admin Console Denial of Service (DoS) Vulnerability (CVE-2019-4080)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.x prior to 8.5.5.16, or 9.0.0.x prior to 9.0.0.11. It is, therefore, affected by a denial of service DoS vulnerability in the Admin Console. A remote, authenticated...

IBM WebSphere Portal XSS (swg22008028)

The IBM WebSphere Portal installed on the remote host is version 6.1.0.x prior to 6.1.0.6 CF27, 6.1.5.x prior to 6.1.5.3 CF27, 7.0.0.x prior to 7.0.0.2 CF30, 8.0.0.x prior to 8.0.0.1 CF22, and is therefore affected by a cross-site scripting XSS vulnerability. C Tenable Network Security, Inc...

Dell SonicWALL SMA 100 / SRA Series CSRF Vulnerability (SNWLID-2015-0001)

Dell SonicWALL SMA 100 Series and SRA Series appliances are prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF20 Multiple Vulnerabilities

The version of IBM WebSphere Portal installed on the remote host is 8.0.0.x prior to 8.0.0.1 CF20. It is, therefore, affected by multiple vulnerabilities : - An open redirect vulnerability exists due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit...

CVE-2015-4996

IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x before 8.0.1.10 allows local users to spoof database servers and discover credentials via unspecified vectors...

CVE-2013-4012

IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09, when Content Template Catalog 4.0 is used, does not require administrative privileges for Portal Application Archive PAA file installation, which allows remote authenticated users to modify data or cause a denial of service via unspecified vectors...

IBM Rational ClearQuest 7.1.x < 7.1.2.8 / 8.0.0.x < 8.0.0.4 GSKit Spoofing (credentialed check)

The remote host has a version of IBM Rational ClearQuest 7.1.x prior to 7.1.2.8 / 8.0.0.x prior to 8.0.0.4 installed. It is, therefore, affected by a spoofing vulnerability related to the included Global Security Kit GSKit and certificate objects. The GSKit does not enforce file integrity of the...