Websphere Application Server@8.5.5.18 Security Vulnerabilities and Issues — Websphere Application Server@8.5.5.18 CVE List

Lucene search

IbmWebsphere Application Server8.5.5.18

3 matches found

CVE•added 2021/01/26 3:15 p.m.•78 views

CVE-2020-4949

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.

8.2CVSS8AI score0.00331EPSS

CVE•added 2020/09/30 3:15 p.m.•65 views

CVE-2020-4629

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. This information could be used in further attacks against the system. IBM X-Force ID: 185370.

3.3CVSS3.4AI score0.00093EPSS

CVE•added 2020/10/28 5:15 p.m.•61 views

CVE-2020-4782

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

6.5CVSS6.4AI score0.00416EPSS