Vulnerabilities > IBM > Websphere Extreme Scale > 8.6.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-30 | CVE-2019-4115 | Cross-site Scripting vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site scripting. | 5.4 |
| 2019-09-30 | CVE-2019-4112 | Improper Privilege Management vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2019-09-30 | CVE-2019-4109 | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
| 2019-09-30 | CVE-2019-4106 | Cross-site Scripting vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-site scripting. | 4.8 |
| 2016-07-02 | CVE-2016-2861 | Information Exposure vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. | 3.7 |
| 2016-07-02 | CVE-2016-0400 | Unspecified vulnerability in IBM Websphere Extreme Scale CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. | 6.1 |