Vulnerabilities > IBM > Websphere Application Server > 9.0.5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-10 | CVE-2020-4362 | Improper Privilege Management vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. | 6.5 |
2020-03-26 | CVE-2020-4276 | Improper Privilege Management vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. | 6.0 |
2020-02-05 | CVE-2019-4670 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper data representation. | 4.0 |
2020-02-04 | CVE-2020-4163 | Improper Privilege Management vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp content and executed. | 6.0 |
2020-01-31 | CVE-2019-4720 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. | 5.0 |
2019-10-03 | CVE-2019-4441 | Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. | 5.3 |
2019-09-17 | CVE-2019-4442 | Path Traversal vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9,0 could allow a remote attacker to traverse directories on the file system. | 4.3 |