Vulnerabilities > IBM > Websphere Extreme Scale > 7.1.1

DATE CVE VULNERABILITY TITLE RISK
2017-02-08 CVE-2015-7418 Information Exposure vulnerability in IBM Websphere Extreme Scale
IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwritten which could allow a local user with administrator privileges to obtain sensitive information.
local
low complexity
ibm CWE-200
4.4
4.4
2016-07-02 CVE-2016-2861 Information Exposure vulnerability in IBM Websphere Extreme Scale
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
network
high complexity
ibm CWE-200
3.7
3.7
2016-07-02 CVE-2016-0400 Unspecified vulnerability in IBM Websphere Extreme Scale
CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
network
low complexity
ibm
6.1
6.1