Websphere Application Server Security Vulnerabilities and Issues — Websphere Application Server CVE List

Lucene search

IbmWebsphere Application Server

4 matches found

CVE•added 2012/06/20 10:27 a.m.•64 views

CVE-2012-0717

IBM WebSphere Application Server 7.0 before 7.0.0.23, when a certain SSLv2 configuration with client authentication is used, allows remote attackers to bypass X.509 client-certificate authentication via unspecified vectors.

2.6CVSS9.2AI score0.00066EPSS

CVE•added 2012/06/20 10:27 a.m.•59 views

CVE-2012-0720

Cross-site scripting (XSS) vulnerability in the Integration Solution Console in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3CVSS7.3AI score0.00322EPSS

CVE•added 2012/06/20 10:27 a.m.•57 views

CVE-2012-0716

Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server 7.0 before 7.0.0.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS7.3AI score0.00266EPSS

CVE•added 2012/06/20 10:27 a.m.•57 views

CVE-2012-2170

The Application Snoop Servlet in IBM WebSphere Application Server 7.0 before 7.0.0.23 does not properly restrict access, which allows remote attackers to obtain sensitive client and request information via a direct request.

4.3CVSS8.7AI score0.00576EPSS