Page 22 of 147 results (0.012 seconds)

CVSS: 5.0EPSS: 0%CPEs: 45EXPL: 0

IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.35, 8.0.x before 8.0.0.10, and 8.5.x before 8.5.5.3 does not properly restrict resource access, which allows remote attackers to obtain sensitive information via unspecified vectors. IBM WebSphere Application Server (WAS) 7.0.x anterior a 7.0.0.35, 8.0.x anterior a 8.0.0.10, y 8.5.x anterior a 8.5.5.3 no restringe debidamente el acceso a recursos, lo que permite a atacantes remotos obtener información sensible a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI17768 http://www-01.ibm.com/support/docview.wss?uid=swg21681249 http://www.securityfocus.com/bid/69298 https://exchange.xforce.ibmcloud.com/vulnerabilities/93954 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 37EXPL: 0

IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.3 allows remote attackers to obtain sensitive information via a crafted SOAP response. IBM WebSphere Application Server (WAS) 7.0.x anterior a 7.0.0.33, 8.0.x anterior a 8.0.0.9, y 8.5.x anterior a 8.5.5.3 permite a atacantes remotos obtener información sensible a través de una respuesta SOAP manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI11434 http://www-01.ibm.com/support/docview.wss?uid=swg21676091 http://www-01.ibm.com/support/docview.wss?uid=swg21676092 http://www-01.ibm.com/support/docview.wss?uid=swg21681249 http://www.securityfocus.com/bid/68210 https://exchange.xforce.ibmcloud.com/vulnerabilities/92878 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 0

The addFileRegistryAccount Virtual Member Manager (VMM) SPI Admin Task in IBM WebSphere Application Server (WAS) 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.3 does not properly create accounts, which allows remote attackers to bypass intended access restrictions via unspecified vectors. addFileRegistryAccount Virtual Member Manager (VMM) SPI Admin Task en IBM WebSphere Application Server (WAS) 8.0.x anterior a 8.0.0.10 y 8.5.x anterior a 8.5.5.3 no crea cuentas debidamente, lo que permite a atacantes remotos evadir las restricciones de acceso a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI16765 http://www-01.ibm.com/support/docview.wss?uid=swg21681249 http://www.securityfocus.com/bid/69296 https://exchange.xforce.ibmcloud.com/vulnerabilities/93777 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 37EXPL: 0

IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.3 allows remote attackers to obtain sensitive information via a crafted URL that triggers an error condition. IBM WebSphere Application Server (WAS) 7.0.x anterior a 7.0.0.33, 8.0.x anterior a 8.0.0.9, y 8.5.x anterior a 8.5.5.3 permite a atacantes remotos obtener información sensible a través de una URL manipulada que provoca una condición de error. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI09594 http://www-01.ibm.com/support/docview.wss?uid=swg21676091 http://www-01.ibm.com/support/docview.wss?uid=swg21676092 http://www-01.ibm.com/support/docview.wss?uid=swg21681249 http://www.securityfocus.com/bid/68211 https://exchange.xforce.ibmcloud.com/vulnerabilities/93060 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0

IBM WebSphere Application Server (WAS) 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.3, when Load Balancer for IPv4 Dispatcher is enabled, allows remote attackers to cause a denial of service (Load Balancer crash) via unspecified vectors. IBM WebSphere Application Server (WAS) 8.0.x anterior a 8.0.0.10 y 8.5.x anterior a 8.5.5.3, cuando Load Balancer para IPv4 Dispatcher está habilitado, permite a atacantes remotos causar una denegación de servicio (caída de Load Balancer) a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1PI21189 http://www-01.ibm.com/support/docview.wss?uid=swg21681249 http://www.securityfocus.com/bid/69301 https://exchange.xforce.ibmcloud.com/vulnerabilities/94723 •