Ibm Websphere_extreme_scale

19 CVEs affecting Ibm Websphere_extreme_scale. Latest disclosed: 2021-01-06. Critical: 0, High: 0.

Top CVEs affecting Ibm Websphere_extreme_scale
CVESeverityScorePublishedSummary
CVE-2019-4109Medium6.12019-09-30IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a mali…
CVE-2016-0400Medium6.12016-07-02CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remot…
CVE-2019-4115Medium5.42019-09-30IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web…
CVE-2020-4336Medium5.32021-01-06IBM WebSphere eXtreme Scale 8.6.1 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access t…
CVE-2019-4106Medium4.82019-09-30IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2015-7418Medium4.42017-02-08IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwritten which could a…
CVE-2016-2861Low3.72016-07-02IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes…
CVE-2019-4112Low3.32019-09-30IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 158105.
CVE-2015-20312015-10-04Cross-site scripting (XSS) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to inje…
CVE-2015-20302015-10-04IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 has an improper account-lockout setting, which makes it easier for remote attackers t…
CVE-2015-20292015-10-04Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via…
CVE-2015-20282015-10-04CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to inject arbitrary HTTP head…
CVE-2015-20272015-10-04IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 improperly performs logout actions, which allows remote attackers to bypass intended…
CVE-2015-20262015-10-04Cross-site request forgery (CSRF) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users…
CVE-2015-20252015-10-04IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 does not set the secure flag for the session cookie in an https session, which makes…
CVE-2015-49362015-08-03Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through 8.6.0.8 allows remote attackers to cause a denial of service via unknown vectors.
CVE-2013-53942013-10-16The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecif…
CVE-2013-53932013-10-16The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and…
CVE-2013-53902013-10-16Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated us…