Skip to main content

Websphere Automation

3 CVEs product

Monthly

CVE-2024-54181 HIGH This Week

IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Command Injection Websphere Automation
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2024-28764 HIGH This Week

IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Code Injection Websphere Automation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-28775 MEDIUM This Month

IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Websphere Automation
NVD
CVSS 3.1
5.4
EPSS
0.4%
EPSS 1% CVSS 7.2
HIGH This Week

IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Command Injection +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Code Injection Websphere Automation
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM WebSphere Automation 1.7.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Websphere Automation
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy