Websphere Virtual Enterprise Security Vulnerabilities and Issues — Websphere Virtual Enterprise CVE List

Lucene search

IbmWebsphere Virtual Enterprise

8 matches found

CVE•added 2019/09/20 4:15 p.m.•179 views

CVE-2019-4505

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote attacker to obtain sensitive information, caused by sending a specially-crafted URL. This can lead the attacker to view any file in a certain directory. IBM X-Force ID: 164364.

5.3CVSS5.1AI score0.00193EPSS

CVE•added 2020/06/05 5:15 p.m.•153 views

CVE-2020-4448

IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 181228.

10CVSS9.3AI score0.1624EPSS

CVE•added 2015/07/14 5:59 p.m.•64 views

CVE-2015-1946

IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0, does not properly implement user roles, which allows local users to gain privileges via unspecified vectors.

4.4CVSS6.5AI score0.00058EPSS

CVE•added 2014/05/01 5:29 p.m.•60 views

CVE-2013-6323

Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33, 8.x before 8.0.0.9, and 8.5.x before 8.5.5.2, and WebSphere Virtual Enterprise 7.x before 7.0.0.5, allows remote authenticated users to inject arbitrary web script o...

3.5CVSS6.9AI score0.00304EPSS

CVE•added 2015/08/22 11:59 p.m.•59 views

CVE-2015-1932

IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.7 and WebSphere Virtual Enterprise before 7.0.0.7 allow remote attackers to obtain potentially sensitive information about the proxy-server software by reading the HTTP Via header.

5CVSS6.9AI score0.00315EPSS

CVE•added 2019/03/06 8:29 p.m.•57 views

CVE-2019-4030

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 15594...

5.4CVSS5.3AI score0.0024EPSS

CVE•added 2020/08/27 1:15 p.m.•48 views

CVE-2020-4575

IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.

6.1CVSS6.1AI score0.00131EPSS

CVE•added 2013/11/18 3:55 a.m.•44 views

CVE-2013-5425

Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Virtual Enterprise 6.1 before 6.1.1.6 and 7.0 before 7.0.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS6.8AI score0.00188EPSS