Max CVSS 6.8 Min CVSS 4.4 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-1927 6.8
The default configuration of IBM WebSphere Application Server (WAS) 7.0.0 before 7.0.0.39, 8.0.0 before 8.0.0.11, and 8.5 before 8.5.5.6 has a false value for the com.ibm.ws.webcontainer.disallowServeServletsByClassname WebContainer property, which a
22-12-2016 - 02:59 14-07-2015 - 17:59
CVE-2015-1936 6.0
The administrative console in IBM WebSphere Application Server (WAS) 8.0.0 before 8.0.0.11 and 8.5 before 8.5.5.6, when the Security feature is disabled, allows remote authenticated users to hijack sessions via the JSESSIONID parameter.
30-11-2016 - 03:00 14-07-2015 - 17:59
CVE-2015-1946 4.4
IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.6, and WebSphere Virtual Enterprise 7.0 before 7.0.0.6 for WebSphere Application Server (WAS) 7.0 and 8.0, does not properly implement user roles, which allows local users to gain privileges via
28-11-2016 - 19:19 14-07-2015 - 17:59
Back to Top Mark selected
Back to Top