Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Websphere Application Server  >> 8.5.5.8  Security Vulnerabilities
CVE-2020-4575
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured.
CVSS Score
4.7
EPSS Score
0.001
Published
2020-08-27
CVE-2020-4589
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 184585.
CVSS Score
8.1
EPSS Score
0.068
Published
2020-08-13
CVE-2020-4464
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to execute arbitrary code on a system with a specially-crafted sequence of serialized objects over the SOAP connector. IBM X-Force ID: 181489.
CVSS Score
8.8
EPSS Score
0.379
Published
2020-07-17
CVE-2020-4448
IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. IBM X-Force ID: 181228.
CVSS Score
9.8
EPSS Score
0.162
Published
2020-06-05
CVE-2020-4449
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181230.
CVSS Score
7.5
EPSS Score
0.008
Published
2020-06-05
CVE-2020-4450
IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181231.
CVSS Score
9.8
EPSS Score
0.768
Published
2020-06-05
CVE-2020-4365
IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 178964.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-05-14
CVE-2020-4329
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-04-28
CVE-2020-4362
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. IBM X-Force ID: 178929.
CVSS Score
7.5
EPSS Score
0.006
Published
2020-04-10
CVE-2020-4276
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. X-Force ID: 175984.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-03-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved