Websphere Application Server Security Vulnerabilities and Issues — Websphere Application Server CVE List

Lucene search

IbmWebsphere Application Server

4 matches found

CVE•added 2012/09/25 8:55 p.m.•63 views

CVE-2012-3305

Directory traversal vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to overwrite arbitrary files via a crafted application file.

6.4CVSS8.9AI score0.00233EPSS

CVE•added 2012/09/25 8:55 p.m.•61 views

CVE-2012-3311

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users ...

3.3CVSS8.2AI score0.00064EPSS

CVE•added 2012/09/25 8:55 p.m.•54 views

CVE-2012-3304

The Administrative Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack sessions via unspecified vectors.

6.8CVSS9AI score0.00731EPSS

CVE•added 2012/09/25 8:55 p.m.•52 views

CVE-2012-3306

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, when multi-domain support is configured, does not purge password data from the authentication cache, which has unspecified impact and remote attack vectors.

6.8CVSS9.4AI score0.00343EPSS