Websphere Application Server Liberty Security Vulnerabilities and Issues — Websphere Application Server Liberty CVE List

Lucene search

IbmWebsphere Application Server Liberty

5 matches found

CVE•added 2020/04/28 2:15 p.m.•78 views

CVE-2020-4329

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841.

4.3CVSS4.5AI score0.00083EPSS

CVE•added 2020/05/06 2:15 p.m.•62 views

CVE-2020-4421

IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another users identify. IBM X-Force ID: 180084.

5.5CVSS5.7AI score0.0017EPSS

CVE•added 2020/04/02 3:15 p.m.•47 views

CVE-2020-4303

IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

6.1CVSS5.8AI score0.00292EPSS

CVE•added 2020/09/21 3:15 p.m.•47 views

CVE-2020-4590

IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. IBM X-Force ID: 184650.

6.5CVSS6.3AI score0.00448EPSS

CVE•added 2020/04/02 3:15 p.m.•46 views

CVE-2020-4304

6.1CVSS5.8AI score0.00223EPSS