Known Vulnerabilities for Websphere Application Server by Ibm

Listed below are 10 of the newest known vulnerabilities associated with the software "Websphere Application Server" by "Ibm".

These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-29842 IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumer... Not Provided 2021-09-16 2021-09-16
CVE-2021-29754 IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a privilege escalation vulnerability when using the ... 8.8 - HIGH 2021-06-11 2021-06-21
CVE-2021-29736 IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. ... 8.8 - HIGH 2021-07-30 2021-08-05
CVE-2021-20492 IBM WebSphere Application Server 8.0, 8.5, 9.0, and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE... 8.2 - HIGH 2021-05-26 2021-06-04
CVE-2021-20480 IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery (SSRF). By sending a speciall... 6.5 - MEDIUM 2021-04-08 2021-04-13
CVE-2021-20454 IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when pr... 8.2 - HIGH 2021-04-21 2021-04-23
CVE-2021-20453 IBM WebSphere Application Server 8.0, 8.5, and 9.0 is vulnerable to a XML External Entity Injection (XXE) attack when process... 8.2 - HIGH 2021-04-20 2021-04-23
CVE-2021-20354 IBM WebSphere Application Server 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories. An attacker could s... 7.5 - HIGH 2021-02-18 2021-02-22
CVE-2021-20353 IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when p... 8.2 - HIGH 2021-02-10 2021-02-11
CVE-2020-4163 IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to c... 7.2 - HIGH 2020-02-04 2021-07-21

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationIbmWebsphere Application Server9.0.5.7AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.6AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.5AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.5AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.4AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.3AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.3AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.2AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.2AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.1AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.1AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.1AllAllAll
ApplicationIbmWebsphere Application Server9.0.5.0AllAllAll
ApplicationIbmWebsphere Application Server9.0.0.9AllAllAll
ApplicationIbmWebsphere Application Server9.0.0.8AllAllAll
ApplicationIbmWebsphere Application Server9.0.0.7AllAllAll
ApplicationIbmWebsphere Application Server9.0.0.6AllAllAll
ApplicationIbmWebsphere Application Server9.0.0.5AllAllAll
ApplicationIbmWebsphere Application Server9.0.0.4AllAllAll
ApplicationIbmWebsphere Application Server9.0.0.3AllAllAll

Popular searches for Websphere Application Server

WebSphere Application Server - Overview

www.ibm.com/cloud/websphere-application-server

WebSphere Application Server - Overview Explore WebSphere Application Server products the most advanced application server D B @ for building and running Java apps and enterprise applications.

www.ibm.com/cloud/websphere-application-platform/?lnk=hpmps_bupr&lnk2=learn www-01.ibm.com/software/websphere www-01.ibm.com/software/websphere/events/impact www.ibm.com/cloud/websphere-application-platform www-01.ibm.com/software/webservers/appserv/was www.ibm.com/be-en/marketplace/java-ee-runtime www.ibm.com/developerworks/downloads/ws/was www-306.ibm.com/software/websphere www.ibm.com/mx-es/marketplace/java-ee-runtime?lnk=hpmps_bupr_mxes&lnk2=learn IBM WebSphere Application Server IBM WebSphere Application software Cloud computing Enterprise software Application server IBM Java Platform, Enterprise Edition Java (programming language) Web conferencing Runtime system Microservices Kubernetes IBM cloud computing Return on investment Software deployment Hybrid kernel High availability Application streaming Pricing

Security Bulletin: Vulnerability in Apache Commons affects IBM WebSphere Application Server (CVE-2015-7450)

www-01.ibm.com/support/docview.wss?uid=swg21970575

Security Bulletin: Vulnerability in Apache Commons affects IBM WebSphere Application Server CVE-2015-7450 An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by WebSphere Application Server WebSphere Application Server @ > < Hypervisor Edition. This vulnerability does not affect the IBM HTTP Server WebSphere Application Server Version 7.0.

www.ibm.com/support/docview.wss?uid=swg21970575 IBM WebSphere Application Server Vulnerability (computing) Apache Commons Common Vulnerabilities and Exposures IBM Hypervisor Java (programming language) Computer security Serialization Internet Explorer 7 IBM HTTP Server Common Vulnerability Scoring System Plain old Java object JAR (file format) Search algorithm Source code Class (computer programming) Software versioning Search engine technology Computing platform

© CVE.report 2021 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report