Websphere Application Server@9.0.0.4 Security Vulnerabilities and Issues — Websphere Application Server@9.0.0.4 CVE List

Lucene search

IbmWebsphere Application Server9.0.0.4

4 matches found

CVE•added 2018/01/30 6:29 p.m.•72 views

CVE-2017-1731

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security when using the Administrative Console. An authenticated remote attacker could exploit this vulnerability to possibly gain elevated privileges.

8.8CVSS8.5AI score0.00743EPSS

CVE•added 2017/08/03 3:29 p.m.•58 views

CVE-2017-1504

IBM WebSphere Application Server version 9.0.0.4 could provide weaker than expected security after using the PasswordUtil command to enable AES password encryption. IBM X-Force ID: 129579.

6.5CVSS6.6AI score0.00157EPSS

CVE•added 2017/08/18 3:29 p.m.•57 views

CVE-2017-1501

IBM WebSphere Application Server 8.0, 8.5, and 9.0 could provide weaker than expected security after using the Admin Console to update the web services security bindings settings. IBM X-Force ID: 129576.

5.9CVSS5.7AI score0.00701EPSS

CVE•added 2018/11/26 5:0 p.m.•48 views

CVE-2018-1905

IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152534.

7.1CVSS6.9AI score0.00483EPSS