Vulnerabilities > IBM > Websphere Application Server > 8.0.0.0

DATE CVE VULNERABILITY TITLE RISK
2019-10-03 CVE-2019-4441 Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser.
network
low complexity
ibm CWE-209
5.3
2019-09-17 CVE-2019-4477 Improper Privilege Management vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a user with access to audit logs to obtain sensitive information, caused by improper handling of command line options.
network
low complexity
ibm CWE-269
6.5
2019-09-17 CVE-2019-4442 Path Traversal vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9,0 could allow a remote attacker to traverse directories on the file system.
network
low complexity
ibm CWE-22
4.3
2019-09-17 CVE-2019-4270 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-09-17 CVE-2019-4268 Path Traversal vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
5.3
2019-04-02 CVE-2019-4080 Resource Exhaustion vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing.
network
low complexity
ibm CWE-400
6.5
2019-03-25 CVE-2019-4046 Resource Exhaustion vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers.
network
low complexity
ibm CWE-400
7.5
2019-03-11 CVE-2018-1902 Information Exposure vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to spoof connection information which could be used to launch further attacks against the system.
network
low complexity
ibm CWE-200
4.3
2019-02-19 CVE-2018-1996 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security, caused by the improper TLS configuration.
network
high complexity
ibm CWE-327
5.3
2018-12-12 CVE-2018-1926 Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input.
network
low complexity
ibm CWE-352
8.8