Skip to main content

Websphere

5 CVEs product

Monthly

CVE-2018-1848 MEDIUM PATCH This Month

IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Business Automation Workflow Business Process Manager Websphere
NVD
CVSS 3.0
6.1
EPSS
1.3%
CVE-2016-9693 MEDIUM PATCH This Month

IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity.

IBM Authentication Bypass Business Process Manager Websphere
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2015-1884 MEDIUM PATCH This Month

Directory traversal vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal IBM Business Process Manager Websphere
NVD
CVSS 2.0
4.0
EPSS
0.8%
CVE-2015-0193 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Business Process Manager Websphere
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0156 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.6.0 and WebSphere Lombardi Edition (WLE) 7.2.x. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Websphere Business Process Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Business Automation Workflow +2
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity.

IBM Authentication Bypass Business Process Manager +1
NVD
EPSS 1% CVSS 4.0
MEDIUM PATCH This Month

Directory traversal vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 and WebSphere Lombardi Edition. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal IBM Business Process Manager +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5.0 and WebSphere Lombardi Edition (WLE) 7.2.x. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Business Process Manager +1
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.6.0 and WebSphere Lombardi Edition (WLE) 7.2.x. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Websphere +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy