- Home
- CVEs with nessus.description==IBM WebSphere Application Server 8.5 before Fix Pack 8.5.5 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities :
- The TLS protocol in the GSKIT component is vulnerable to a plaintext recovery attack. (CVE-2013-0169, PM85211)
- The WS-Security run time contains a flaw that could be triggered by a specially crafted SOAP request to execute arbitrary code. (CVE-2013-0482, PM76582)
- A flaw exists relating to OAuth that could allow a remote attacker to obtain someone else's credentials.
(CVE-2013-0597, PM85834, PM87131)
- A flaw exists relating to OpenJPA that is triggered during deserialization, which could allow a remote attacker to write to the file system and potentially execute arbitrary code. (CVE-2013-1768, PM86780, PM86786, PM86788, PM86791)
- An unspecified cross-site scripting vulnerability exists related to the administrative console. (CVE-2013-2967, PM78614)
- An unspecified vulnerability exists. (CVE-2013-2975)
- An information disclosure vulnerability exists relating to incorrect caching by the administrative console.
(CVE-2013-2976, PM79992)
- An improper process initialization flaw exists on UNIX platforms that could allow a local attacker to execute arbitrary commands. (CVE-2013-3024, PM86245)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top