Lucene search
K
IbmWebsphere Process Server

5 matches found

CVE
CVE
added 2016/03/21 2:0 p.m.62 views

CVE-2015-7454

IBM’s CVE-2015-7454 affects Business Space in IBM WebSphere Process Server and IBM BPM (various BPM Advanced/Standard editions). The issue allows an authenticated remote attacker to bypass access restrictions and create arbitrary pages/spaces via unspecified vectors. Affected versions span WebSph...

4.3CVSS5.5AI score0.01308EPSS
CVE
CVE
added 2014/12/16 11:0 p.m.50 views

CVE-2014-6176

CVE-2014-6176 affects IBM WebSphere Process Server 7.0, WebSphere Enterprise Service Bus 7.0, and IBM Business Process Manager Advanced (7.5.x up to 7.5.1.2, 8.0.x up to 8.0.1.3, and 8.5.x up to 8.5.5). The vulnerability arises because the SCA module HTTP binding ignores the SSL setting from the ...

4.3CVSS6.1AI score0.01822EPSS
CVE
CVE
added 2016/01/01 12:0 a.m.49 views

CVE-2015-7441

IBM’s advisory (Security Bulletin and accompanying IBM pages) confirms CVE-2015-7441 affects WebSphere Process Server and BPM Advanced via the Remote Artifact Loader (RAL), where HTTPS/SSL is not honored per server configuration, allowing remote authenticated users to obtain sensitive information...

6.8CVSS6.1AI score0.01392EPSS
CVE
CVE
added 2018/03/30 4:0 p.m.48 views

CVE-2018-1384

CVE-2018-1384 affects IBM Business Process Manager (BPM) 8.6 with a cross-site scripting flaw in the Web UI that can let an attacker inject arbitrary JavaScript, potentially leading to credentials disclosure in a trusted session. The IBM Security Bulletin lists affected BPM/PS/WESB offerings and ...

5.4CVSS5.2AI score0.01077EPSS
CVE
CVE
added 2009/02/26 4:0 p.m.42 views

CVE-2009-0507

The CVE-2009-0507 entry concerns IBM WebSphere Process Server (WPS) 6.1.2 before 6.1.2.3 and 6.2 before 6.2.0.1. The vulnerability arises because the administrative console’s export of the cluster configuration file does not properly restrict configuration data, enabling remote authenticated user...

4CVSS6.1AI score0.01004EPSS