- Home
- CVEs with nessus.description==IBM WebSphere Application Server 8.5 prior to Fix Pack 8.5.5.2 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities :
- Numerous errors exist related to the included IBM SDK for Java (based on the Oracle JDK) that could allow denial of service attacks and information disclosure.
(CVE-2013-5372, CVE-2013-5780, CVE-2013-5803)
- User input validation errors exist related to the Administrative console and the Oauth component that could allow cross-site scripting attacks.
(CVE-2013-6725 / PM98132, CVE-2013-6323 / PI04777, CVE-2013-6738 / PI05661)
- An error exists due to a failure to properly handle by web services endpoint requests that could allow denial of service attacks.
(CVE-2013-6325 / PM99450, PI08267)
- An error exists in the included IBM Global Security Kit related to SSL handling that could allow denial of service attacks. (CVE-2013-6329 / PI05309)
- A flaw exists with the 'mod_dav' module that is caused when tracking the length of CDATA that has leading white space. A remote attacker with a specially crafted DAV WRITE request can cause the service to stop responding. (CVE-2013-6438 / PI09345)
- An error exists in the included IBM Global Security Kit related to malformed X.509 certificate chain handling that could allow denial of service attacks.
(CVE-2013-6747 / PI09443)
- An error exists in the included Apache Tomcat version related to handling 'Content-Type' HTTP headers and multipart requests such as file uploads that could allow denial of service attacks. (CVE-2014-0050 / PI12648, PI12926)
- An unspecified error exists that could allow file disclosures to remote unauthenticated attackers.
(CVE-2014-0823 / PI05324)
- An unspecified error exists related to the Administrative console that could allow a security bypass. (CVE-2014-0857 / PI07808)
- An error exists related to a web server plugin and retrying failed POST requests that could allow denial of service attacks. (CVE-2014-0859 / PI08892)
- An error exists related to the Proxy and ODR components that could allow information disclosure. (CVE-2014-0891 / PI09786)
- An unspecified error exists related to the 'Liberty Profile' that could allow information disclosure.
(CVE-2014-0896 / PI10134)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top