Websphere Application Server@8.5.5 Security Vulnerabilities and Issues — Websphere Application Server@8.5.5 CVE List

Lucene search

IbmWebsphere Application Server8.5.5

5 matches found

CVE•added 2017/05/10 2:29 p.m.•81 views

CVE-2017-1137

IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to the admin console. IBM X-Force ID: 121549.

8.1CVSS7.6AI score0.00988EPSS

CVE•added 2017/03/20 4:59 p.m.•80 views

CVE-2017-1151

IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. IBM Reference #: 1999293.

8.1CVSS7.9AI score0.00558EPSS

CVE•added 2017/02/01 10:59 p.m.•78 views

CVE-2016-8919

IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources.

7.8CVSS7.3AI score0.00859EPSS

CVE•added 2017/02/13 10:59 p.m.•75 views

CVE-2017-1121

IBM WebSphere Application Server 7.0, 8.0, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #...

5.4CVSS5.3AI score0.0027EPSS

CVE•added 2017/06/08 9:29 p.m.•56 views

CVE-2016-9736

IBM WebSphere Application Server using malformed SOAP requests could allow a remote attacker to obtain sensitive information.

5.3CVSS5.2AI score0.00304EPSS