Lucene search
K
IbmWebsphere Virtual Enterprise

8 matches found

CVE
CVE
added 2019/09/20 3:50 p.m.210 views

CVE-2019-4505

CVE-2019-4505 affects IBM WebSphere Application Server Network Deployment (ND) across multiple release lines (e.g., 9.0.0.0, 8.5.x, 8.0, 7.0, 6.1). A remote attacker can obtain sensitive information by sending a specially crafted URL, potentially allowing viewing of files in a restricted director...

5.3CVSS5.1AI score0.02352EPSS
CVE
CVE
added 2020/06/05 12:55 p.m.176 views

CVE-2020-4448

CVE-2020-4448 affects IBM WebSphere Application Server Network Deployment (ND) on versions 7.0, 8.0, 8.5 and 9.0. The vulnerability allows remote code execution by processing a specially crafted sequence of serialized objects from untrusted sources, enabling an attacker to run arbitrary code on t...

10CVSS9.3AI score0.12224EPSS
CVE
CVE
added 2015/07/14 5:0 p.m.84 views

CVE-2015-1946

CVE-2015-1946 affects IBM WebSphere Application Server (WAS) and WebSphere Virtual Enterprise. It enables local privilege escalation due to incorrect handling of user roles, with vulnerable versions including WAS 8.5 prior to 8.5.5.6 and WAS 7.0/8.0 prior to their respective fixes; remediation is...

4.4CVSS6.5AI score0.00352EPSS
CVE
CVE
added 2019/03/06 8:0 p.m.79 views

CVE-2019-4030

Summary of CVE-2019-4030 (IBM WebSphere Application Server) This CVE describes a cross-site scripting (XSS) vulnerability in the WebSphere Application Server Admin Console. An authenticated remote attacker could embed arbitrary JavaScript in the Admin Console UI, potentially leading to credential...

5.4CVSS5.3AI score0.00695EPSS
CVE
CVE
added 2014/05/01 5:0 p.m.76 views

CVE-2013-6323

CVE-2013-6323 is a cross-site scripting vulnerability in the Administration Console of IBM WebSphere Application Server (WAS) and WebSphere Virtual Enterprise. It can be exploited by a remote authenticated user via a crafted URL to inject script/HTML into a victim’s browser. Affected WAS versions...

3.5CVSS6.9AI score0.01613EPSS
CVE
CVE
added 2015/08/22 11:0 p.m.74 views

CVE-2015-1932

CVE-2015-1932 affects IBM WebSphere Application Server and WebSphere Virtual Enterprise; versions affected include WAS 7.x prior to 7.0.0.39, WAS 8.0.x prior to 8.0.0.11, WAS 8.5.x prior to 8.5.5.7 and WebSphere Virtual Enterprise on WAS 7/8.0/8.5.0.x prior to respective fix packs. Root cause is ...

5CVSS6.9AI score0.02107EPSS
CVE
CVE
added 2020/08/27 12:40 p.m.66 views

CVE-2020-4575

CVE-2020-4575 affects IBM WebSphere Application Server ND 8.5/9.0 and WebSphere Virtual Enterprise 7.0/8.0, with a cross-site scripting vulnerability when High Availability Deployment Manager is configured. The Connected IBM Security Bulletins indicate remediation via upgrading to fixed WebSphere...

6.1CVSS6.1AI score0.00921EPSS
CVE
CVE
added 2013/11/16 2:0 a.m.56 views

CVE-2013-5425

IBM WebSphere Virtual Enterprise CVE-2013-5425 is an XSS vulnerability in the Administration Console exploitable by remote authenticated users via a crafted URL. Affected versions: VE 6.1 prior to 6.1.1.6 and VE 7.0 prior to 7.0.0.4. Mitigation: apply theFix Pack/Interim Fix PM93828. For VE 7.0, ...

3.5CVSS6.8AI score0.01433EPSS