Websphere Application Server Security Vulnerabilities and Issues — Websphere Application Server CVE List

Lucene search

IbmWebsphere Application Server

4 matches found

cve•added 2009/09/21 7:30 p.m.•47 views

CVE-2009-2744

Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 allows remote attackers to cause a denial of service via unknown vectors, related to "an error in fixpacks 6.1.0.23 and 6.1.0.25."

7.8CVSS6.5AI score0.00836EPSS

cve•added 2009/09/08 10:30 p.m.•41 views

CVE-2009-3106

The Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.37 does not properly implement security constraints on the (1) doGet and (2) doTrace methods, which allows remote attackers to bypass intended access restrictions and obtain sensitive information...

5CVSS6.2AI score0.00112EPSS

cve•added 2009/09/21 7:30 p.m.•38 views

CVE-2009-2743

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27, and 7.0 before 7.0.0.7, does not properly handle an exception occurring after use of wsadmin scripts and configuration of JAAS-J2C Authentication Data, which allows local users to obtain sensitive information by reading the First Failure D...

2.1CVSS5.6AI score0.00064EPSS

cve•added 2009/09/21 7:30 p.m.•37 views

CVE-2009-2742

Cross-site scripting (XSS) vulnerability in Eclipse Help in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 allows remote attackers to inject arbitrary web script or HTML via unspecified input.

4.3CVSS5.5AI score0.0023EPSS