Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Websphere Extreme Scale  Security Vulnerabilities
CVE-2015-2029
Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier.
CVSS Score
4.3
EPSS Score
0.002
Published
2015-10-04
CVE-2015-2028
CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
CVSS Score
4.3
EPSS Score
0.002
Published
2015-10-04
CVE-2015-2027
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 improperly performs logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
CVSS Score
2.1
EPSS Score
0.001
Published
2015-10-04
CVE-2015-2026
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVSS Score
6.0
EPSS Score
0.001
Published
2015-10-04
CVE-2015-2025
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
CVSS Score
4.3
EPSS Score
0.003
Published
2015-10-04
CVE-2015-4936
Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through 8.6.0.8 allows remote attackers to cause a denial of service via unknown vectors.
CVSS Score
5.0
EPSS Score
0.005
Published
2015-08-03
CVE-2013-5390
Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
3.5
EPSS Score
0.002
Published
2013-10-16
CVE-2013-5393
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2013-10-16
CVE-2013-5394
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.002
Published
2013-10-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved