CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

ibm

websphere_virtual_enterprise

4 known vulnerabilities · sorted by CVSS score

CVE-2020-4448

CRITICAL9.8

IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 181228.

ibm / websphere_application_server+3

Network

Published Jun 5, 2020

CVE-2020-4575

MEDIUM6.1

IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.

ibm / websphere_application_server+3

Network

Published Aug 27, 2020

CVE-2019-4030

MEDIUM5.4

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155946.

ibm / websphere_application_server+3

Network

Published Mar 6, 2019

CVE-2019-4505

MEDIUM5.3

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deployment could allow a remote attacker to obtain sensitive information, caused by sending a specially-crafted URL. This can lead the attacker to view any file in a certain directory. IBM X-Force ID: 164364.

ibm / websphere_application_server+3

Network

Published Sep 20, 2019