Websphere Application Server Security Vulnerabilities and Issues — Websphere Application Server CVE List

Lucene search

IbmWebsphere Application Server

2 matches found

CVE•added 2023/05/03 8:15 p.m.•134 views

CVE-2022-39161

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could expl...

5.3CVSS4.8AI score0.00027EPSS

CVE•added 2023/05/11 8:15 p.m.•76 views

CVE-2023-27554

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249185.

9.1CVSS7.6AI score0.0001EPSS