IBM WebSphere Application Server
By the Year
In 2023 there have been 6 vulnerabilities in IBM WebSphere Application Server, with an average score of 6.8 out of ten. Last year, WebSphere Application Server had 7 security vulnerabilities published. Right now, WebSphere Application Server is on track to have fewer security vulnerabilities in 2023 than it did last year. Last year, the average CVE base score was greater by 0.08.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 6 | 6.83 |
2022 | 7 | 6.91 |
2021 | 6 | 7.43 |
2020 | 22 | 7.26 |
2019 | 18 | 5.79 |
2018 | 24 | 7.03 |
It may take a day or so for new WebSphere Application Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent IBM WebSphere Application Server Security Vulnerabilities
IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service
CVE-2023-38737
7.5 - High
- August 16, 2023
IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567.
Resource Exhaustion
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security
CVE-2023-35890
5.5 - Medium
- July 07, 2023
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused by the improper encoding in a local configuration file. IBM X-Force ID: 258637.
Use of a Broken or Risky Cryptographic Algorithm
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data
CVE-2023-27554
9.1 - Critical
- May 11, 2023
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249185.
XXE
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks
CVE-2022-39161
5.3 - Medium
- May 03, 2023
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 235069.
Improper Certificate Validation
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information
CVE-2023-30441
7.5 - High
- April 29, 2023
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188.
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting
CVE-2023-24966
6.1 - Medium
- April 27, 2023
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 246904.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF)
CVE-2022-35282
6.5 - Medium
- September 28, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data.
XSPA
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request
CVE-2022-22476
8.8 - High
- July 08, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604.
Authentication Bypass by Spoofing
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames
CVE-2022-22365
5.9 - Medium
- May 20, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904.
IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user
CVE-2022-22475
6.5 - Medium
- May 17, 2022
IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to obtain the status of HTTP/HTTPS ports accessible by the application server
CVE-2022-22393
6.5 - Medium
- May 13, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078.
IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim
CVE-2021-39038
5.4 - Medium
- February 24, 2022
IBM WebSphere Application Server 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 213968.
Clickjacking
IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection
CVE-2021-39031
8.8 - High
- January 25, 2022
IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability, which could result in granting permission to unauthorized resources. IBM X-Force ID: 213875.
Injection
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames
CVE-2021-29842
5.3 - Medium
- September 16, 2021
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. IBM X-Force ID: 205202.
Improper Restriction of Excessive Authentication Attempts
IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data
CVE-2021-20492
8.2 - High
- May 26, 2021
IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 197793.
XXE
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data
CVE-2021-20454
8.2 - High
- April 21, 2021
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196649.
XXE
IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data
CVE-2021-20453
8.2 - High
- April 20, 2021
IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196648.
XXE
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system
CVE-2020-5016
6.5 - Medium
- March 10, 2021
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. When application security is disabled and JAX-RPC applications are present, an attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary XML files on the system. This does not occur if application security is enabled. IBM X-Force ID: 193556.
Directory traversal
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data
CVE-2021-20353
8.2 - High
- February 10, 2021
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 194882.
XXE
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system
CVE-2020-4782
6.5 - Medium
- October 28, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Directory traversal
IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects
CVE-2020-4576
7.5 - High
- October 01, 2020
IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 184428.
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data
CVE-2020-4643
7.5 - High
- September 21, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information. IBM X-Force ID: 185590.
XXE
IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client
CVE-2020-4590
6.5 - Medium
- September 21, 2020
IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. IBM X-Force ID: 184650.
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured
CVE-2020-4575
6.1 - Medium
- August 27, 2020
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources
CVE-2020-4589
9.8 - Critical
- August 13, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.
Marshaling, Unmarshaling
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of UNC paths
CVE-2020-4534
8.8 - High
- August 03, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of UNC paths. By scheduling a task with a specially-crafted UNC path, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges. IBM X-Force ID: 182808.
Improper Privilege Management
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to execute arbitrary code on a system with a specially-crafted sequence of serialized objects over the SOAP connector
CVE-2020-4464
8.8 - High
- July 17, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to execute arbitrary code on a system with a specially-crafted sequence of serialized objects over the SOAP connector. IBM X-Force ID: 181489.
Marshaling, Unmarshaling
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects
CVE-2020-4450
9.8 - Critical
- June 05, 2020
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181231.
Marshaling, Unmarshaling
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects
CVE-2020-4449
7.5 - High
- June 05, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181230.
Information Disclosure
IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources
CVE-2020-4448
9.8 - Critical
- June 05, 2020
IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 181228.
Marshaling, Unmarshaling
A flaw was found in Hibernate Validator version 6.1.2.Final
CVE-2020-10693
5.3 - Medium
- May 06, 2020
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.
Improper Input Validation
IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another user's identity
CVE-2020-4421
5.4 - Medium
- May 06, 2020
IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allow an authenticated user using openidconnect to spoof another user's identity. IBM X-Force ID: 180084.
Authentication
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking
CVE-2020-4329
4.3 - Medium
- April 28, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841.
Information Disclosure
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to privilege escalation when using token-based authentication in an admin request over the SOAP connector
CVE-2020-4362
8.8 - High
- April 10, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to privilege escalation when using token-based authentication in an admin request over the SOAP connector. IBM X-Force ID: 178929.
Improper Privilege Management
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting
CVE-2020-4304
6.1 - Medium
- April 02, 2020
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176670.
XSS
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting
CVE-2020-4303
6.1 - Medium
- April 02, 2020
IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176668.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to privilege escalation when using token-based authentication in an admin request over the SOAP connector
CVE-2020-4276
7.5 - High
- March 26, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to privilege escalation when using token-based authentication in an admin request over the SOAP connector. IBM X-Force ID: 175984.
Improper Privilege Management
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper data representation
CVE-2019-4670
6.5 - Medium
- February 05, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper data representation. IBM X-Force ID: 171319.
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as JSP content and executed
CVE-2020-4163
7.2 - High
- February 04, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as JSP content and executed. IBM X-Force ID: 174397.
Improper Privilege Management
IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking vulnerability in the Microsoft Windows client
CVE-2019-4732
6.5 - Medium
- February 03, 2020
IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking vulnerability in the Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618.
Untrusted Path
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request
CVE-2019-4720
7.5 - High
- January 31, 2020
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125.
Allocation of Resources Without Limits or Throttling
IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting
CVE-2019-4663
5.4 - Medium
- December 10, 2019
IBM WebSphere Application Server - Liberty is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171245.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser
CVE-2019-4441
5.3 - Medium
- October 03, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. IBM X-Force ID: 163177.
Generation of Error Message Containing Sensitive Information
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie
CVE-2019-4305
5.3 - Medium
- September 30, 2019
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie. IBM X-Force ID: 160951.
Reliance on Cookies without Validation and Integrity Checking
IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation
CVE-2019-4304
6.3 - Medium
- September 30, 2019
IBM WebSphere Application Server - Liberty could allow a remote attacker to bypass security restrictions caused by improper session validation. IBM X-Force ID: 160950.
Session Fixation
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote attacker to obtain sensitive information, caused by sending a specially-crafted URL
CVE-2019-4505
5.3 - Medium
- September 20, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote attacker to obtain sensitive information, caused by sending a specially-crafted URL. This can lead the attacker to view any file in a certain directory. IBM X-Force ID: 164364.
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a user with access to audit logs to obtain sensitive information, caused by improper handling of command line options
CVE-2019-4477
6.5 - Medium
- September 17, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a user with access to audit logs to obtain sensitive information, caused by improper handling of command line options. IBM X-Force ID: 163997.
Improper Privilege Management
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the file system
CVE-2019-4442
4.3 - Medium
- September 17, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the file system. An attacker could send a specially-crafted URL request to view arbitrary files on the system but not content. IBM X-Force ID: 163226.
Directory traversal
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system
CVE-2019-4268
5.3 - Medium
- September 17, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 160201.
Directory traversal
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site scripting
CVE-2019-4270
5.4 - Medium
- September 17, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 160203.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter pollution vulnerability
CVE-2019-4271
3.5 - Low
- September 17, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter pollution vulnerability. IBM X-Force ID: 160243.
Improper Input Validation
IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim
CVE-2019-4285
5.4 - Medium
- July 30, 2019
IBM WebSphere Application Server - Liberty Admin Center could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could send a specially-crafted HTTP request to hijack the victim's click actions or launch other client-side browser attacks. IBM X-Force ID: 160513.
Clickjacking
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote attacker to obtain sensitive information when a specially crafted URL causes a stack trace to be dumped
CVE-2019-4269
7.5 - High
- June 28, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote attacker to obtain sensitive information when a specially crafted URL causes a stack trace to be dumped. IBM X-Force ID: 160202.
Generation of Error Message Containing Sensitive Information
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources
CVE-2019-4279
9.8 - Critical
- May 17, 2019
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 160445.
Marshaling, Unmarshaling
IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing
CVE-2019-4080
6.5 - Medium
- April 02, 2019
IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. A remote attacker could exploit this to consume all available CPU resources. IBM X-Force ID: 157380.
Resource Exhaustion
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers
CVE-2019-4046
7.5 - High
- March 25, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. A remote attacker could exploit this vulnerability to cause the consumption of memory. IBM X-Force ID: 156242.
Resource Exhaustion
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system
CVE-2018-1902
4.3 - Medium
- March 11, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system. IBM X-Force ID: 152531.
Information Disclosure
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting
CVE-2019-4030
5.4 - Medium
- March 06, 2019
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155946.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by improper TLS configuration
CVE-2018-1996
5.3 - Medium
- February 19, 2019
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by improper TLS configuration. A remote attacker could exploit this vulnerability to obtain sensitive information using man-in-the-middle techniques. IBM X-Force ID: 154650.
Use of a Broken or Risky Cryptographic Algorithm
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input
CVE-2018-1926
8.8 - High
- December 12, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious URL, a remote attacker could send a specially-crafted request. An attacker could exploit this vulnerability to perform a CSRF attack and update available applications. IBM X-Force ID: 152992.
Session Riding
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to temporarily gain elevated privileges on the system, caused by an incorrect cached value being used
CVE-2018-1901
8.8 - High
- December 12, 2018
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to temporarily gain elevated privileges on the system, caused by an incorrect cached value being used. IBM X-Force ID: 152530.
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources
CVE-2018-1904
9.8 - Critical
- December 11, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources. IBM X-Force ID: 152533.
Marshaling, Unmarshaling
IBM WebSphere Application Server 9 could allow sensitive information to be exposed, caused by an incorrect return value from the httpServletRequest#authenticate() API when an unprotected URI is accessed
CVE-2018-1957
5.5 - Medium
- December 10, 2018
IBM WebSphere Application Server 9 could allow sensitive information to be exposed, caused by the application mishandling data based on an incorrect return value from the httpServletRequest#authenticate() API when an unprotected URI is accessed. IBM X-Force ID: 153629.
Information Disclosure
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to gain elevated privileges on the system when a security domain configured with a non-global federated repository is migrated to a newer release
CVE-2018-1840
8.1 - High
- December 03, 2018
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to gain elevated privileges on the system, caused when a security domain is configured to use a federated repository other than global federated repository and then migrated to a newer release of WebSphere Application Server. IBM X-Force ID: 150813.
Exposure of Resource to Wrong Sphere
IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data
CVE-2018-1905
7.1 - High
- November 26, 2018
IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152534.
XXE
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using Enterprise Bundle Archives (EBA) could allow a local attacker to traverse directories on the system ("Zip-Slip")
CVE-2018-1797
5.5 - Medium
- November 16, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using Enterprise Bundle Archives (EBA) could allow a local attacker to traverse directories on the system. By persuading a victim to extract a specially-crafted ZIP archive containing "dot dot slash" sequences (../), an attacker could exploit this vulnerability to write to arbitrary files on the system. Note: this vulnerability is known as "Zip-Slip". IBM X-Force ID: 149427.
Directory traversal
The Installation Verification Tool of IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting
CVE-2018-1643
6.1 - Medium
- November 15, 2018
The Installation Verification Tool of IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 144588.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting
CVE-2018-1798
6.1 - Medium
- November 12, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 149428.
XSS
IBM WebSphere Application Server Liberty OpenID Connect could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization
CVE-2018-1851
9.8 - Critical
- October 31, 2018
IBM WebSphere Application Server Liberty OpenID Connect could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization. By sending a specially-crafted request to the RP service, an attacker could exploit this vulnerability to execute arbitrary code. IBM X-Force ID: 150999.
Marshaling, Unmarshaling
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Cachemonitor is vulnerable to cross-site scripting
CVE-2018-1767
6.1 - Medium
- October 29, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Cachemonitor is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148621.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting
CVE-2018-1777
5.4 - Medium
- October 16, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148800.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system
CVE-2018-1770
6.5 - Medium
- October 12, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 148686.
Directory traversal
IBM WebSphere Application Server 8.5 and 9.0 in IBM Cloud could allow a remote attacker to obtain sensitive information caused by improper handling of passwords
CVE-2018-1838
6.5 - Medium
- October 12, 2018
IBM WebSphere Application Server 8.5 and 9.0 in IBM Cloud could allow a remote attacker to obtain sensitive information caused by improper handling of passwords. IBM X-Force ID: 150811.
Information Disclosure
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using OAuth ear is vulnerable to cross-site scripting
CVE-2018-1794
6.1 - Medium
- October 03, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using OAuth ear is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148949.
XSS
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using SAML ear is vulnerable to cross-site scripting
CVE-2018-1793
6.1 - Medium
- October 03, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using SAML ear is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148948.
XSS
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information
CVE-2018-1683
7.5 - High
- September 26, 2018
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by the failure to encrypt ORB communication. IBM X-Force ID: 145455.
Missing Encryption of Sensitive Data
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security under certain conditions
CVE-2018-1719
5.9 - Medium
- September 14, 2018
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security under certain conditions. This could result in a downgrade of TLS protocol. A remote attacker could exploit this vulnerability to perform man-in-the-middle attacks. IBM X-Force ID: 147292.
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through the SOAP connector
CVE-2018-1567
9.8 - Critical
- September 07, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. IBM X-Force ID: 143024.
Marshaling, Unmarshaling
IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a remote attacker to conduct spoofing attacks
CVE-2018-1695
5.6 - Medium
- September 06, 2018
IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a remote attacker to conduct spoofing attacks. IBM X-Force ID: 145769.
Authentication Bypass by Spoofing
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information
CVE-2018-1755
5.9 - Medium
- August 24, 2018
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by an incorrect transport being used when Liberty is configured to use Java Authentication SPI for Containers (JASPIC). This can happen when the Application Server is configured to permit access on a non-secure (http) port and is using JASPIC or JSR375 authentication.
Information Disclosure
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local attacker to obtain a clear text password in a trace file
CVE-2018-1621
6.7 - Medium
- July 06, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local attacker to obtain clear text password in a trace file caused by improper handling of some datasource custom properties. IBM X-Force ID: 144346.
Cleartext Storage of Sensitive Information
IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow a remote attacker to obtain sensitive information
CVE-2018-1553
7.5 - High
- June 27, 2018
IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. IBM X-Force ID: 142890.
Information Disclosure
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using malformed SAML responses from the SAML identity provider could allow a remote attacker to obtain sensitive information
CVE-2018-1614
7.5 - High
- June 26, 2018
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using malformed SAML responses from the SAML identity provider could allow a remote attacker to obtain sensitive information. IBM X-Force ID: 144270.
Information Disclosure
An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1
CVE-2016-9879
7.5 - High
- January 06, 2017
An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. The unexpected presence of path parameters can cause a constraint to be bypassed. Users of Apache Tomcat (all current versions) are not affected by this vulnerability since Tomcat follows the guidance previously provided by the Servlet Expert group and strips path parameters from the value returned by getContextPath(), getServletPath(), and getPathInfo(). Users of other Servlet containers based on Apache Tomcat may or may not be affected depending on whether or not the handling of path parameters has been modified. Users of IBM WebSphere Application Server 8.5.x are known to be affected. Users of other containers that implement the Servlet specification may be affected.
Communication Channel Errors
Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 on z/OS
CVE-2009-0855
- March 09, 2009
Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 on z/OS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
XSS