Vulnerabilities > IBM > Websphere Application Server > 8.0.0.8

DATE CVE VULNERABILITY TITLE RISK
2014-05-01 CVE-2014-0857 Information Exposure vulnerability in IBM Websphere Application Server
The Administrative Console in IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x before 8.5.5.2 allows remote authenticated users to obtain sensitive information via a crafted request.
network
low complexity
ibm CWE-200
4.0
4.0
2014-05-01 CVE-2014-0823 Information Exposure vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server (WAS) 8.x before 8.0.0.9 and 8.5.x before 8.5.5.2 allows remote attackers to read arbitrary files via a crafted URL.
network
ibm CWE-200
4.3
4.3
2014-05-01 CVE-2013-6323 Cross-Site Scripting vulnerability in IBM products
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33, 8.x before 8.0.0.9, and 8.5.x before 8.5.5.2, and WebSphere Virtual Enterprise 7.x before 7.0.0.5, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
network
ibm CWE-79
3.5
3.5