Websphere Application Server@6.1.0.1 Security Vulnerabilities and Issues — Page 3 of Websphere Application Server@6.1.0.1 CVE List

Lucene search

IbmWebsphere Application Server6.1.0.1

104 matches found

CVE•added 2009/11/16 7:30 p.m.•35 views

CVE-2009-2746

Cross-site request forgery (CSRF) vulnerability in the administrative console in the Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.39, 6.1 before 6.1.0.29, and 7.0 before 7.0.0.7 allows remote attackers to hijack the authentication of administrators via unspecified...

6.8CVSS6.9AI score0.00155EPSS

CVE•added 2009/06/25 1:30 a.m.•34 views

CVE-2009-0903

IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and the Feature Pack for Web Services for WAS 6.1 before 6.1.0.25, when a WS-Security policy is established at the operation level, does not properly handle inbound requests that lack a SOAPAction or WS-Addressing Action, which allows remot...

7.5CVSS6.7AI score0.00402EPSS

CVE•added 2008/09/16 11:0 p.m.•33 views

CVE-2008-4111

Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when the FileServing feature is enabled, has unknown impact and attack vectors.

9.3CVSS6.3AI score0.0104EPSS

CVE•added 2009/02/10 10:30 p.m.•33 views

CVE-2009-0436

The (1) mod_ibm_ssl and (2) mod_cgid modules in IBM HTTP Server 6.0.x before 6.0.2.31 and 6.1.x before 6.1.0.19, as used in WebSphere Application Server (WAS), set incorrect permissions for AF_UNIX sockets, which has unknown impact and local attack vectors.

7.2CVSS6.4AI score0.00058EPSS

Total number of security vulnerabilities104