Vulnerabilities > IBM > Websphere Application Server

DATE CVE VULNERABILITY TITLE RISK
2021-05-26 CVE-2021-20492 XXE vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
8.2
8.2
2021-04-21 CVE-2021-20454 XXE vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
8.2
8.2
2021-04-20 CVE-2021-20453 XXE vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
8.2
8.2
2021-04-08 CVE-2021-20480 Server-Side Request Forgery (SSRF) vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
6.5
6.5
2021-03-10 CVE-2020-5016 Path Traversal vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
6.5
6.5
2021-02-18 CVE-2021-20354 Path Traversal vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories.
network
low complexity
ibm CWE-22
7.5
7.5
2021-02-10 CVE-2021-20353 XXE vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
8.2
8.2
2021-01-26 CVE-2020-4949 XXE vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
8.2
8.2
2020-10-28 CVE-2020-4782 Path Traversal vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
6.5
6.5
2020-10-01 CVE-2020-4576 Unspecified vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects.
network
low complexity
ibm
7.5
7.5