Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Websphere Extreme Scale  >> 8.6.0  Security Vulnerabilities
CVE-2019-4106
IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158099.
CVSS Score
4.8
EPSS Score
0.002
Published
2019-09-30
CVE-2019-4109
IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 158102.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-09-30
CVE-2019-4112
IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158105.
CVSS Score
4.0
EPSS Score
0.0
Published
2019-09-30
CVE-2019-4115
IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158113.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-09-30
CVE-2016-2861
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
CVSS Score
3.7
EPSS Score
0.002
Published
2016-07-02
CVE-2013-5390
Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
3.5
EPSS Score
0.002
Published
2013-10-16
CVE-2013-5393
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.
CVSS Score
7.5
EPSS Score
0.004
Published
2013-10-16
CVE-2013-5394
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.002
Published
2013-10-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved