The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of IBM WebSphere Application Server Traditional

WebSphere AS: directory traversal via Admin Console
An attacker can traverse directories via Admin Console of WebSphere AS, in order to read a file outside the service root path...
6356083, 6357619, CVE-2020-4782, VIGILANCE-VUL-33695
Oracle Java, OpenJDK: vulnerabilities of October 2020
Several vulnerabilities were announced in Oracle products...
6379260, CERTFR-2020-AVI-663, cpuoct2020, CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803, DLA-2412-1, DLA-2412-2, DSA-2020-278, DSA-2021-001, DSA-4779-1, FEDORA-2020-421f817e5f, FEDORA-2020-81e511d0d8, FEDORA-2020-84137f197e, FEDORA-2020-a405eea76a, FEDORA-2020-d1b8d3f94a, FEDORA-2020-fdc79d8e5b, FEDORA-2020-febe36c3ac, openSUSE-SU-2020:1893-1, openSUSE-SU-2020:1984-1, openSUSE-SU-2020:1994-1, openSUSE-SU-2020:2048-1, openSUSE-SU-2020:2083-1, openSUSE-SU-2020:2170-1, RHSA-2020:4305-01, RHSA-2020:4306-01, RHSA-2020:4307-01, RHSA-2020:4316-01, RHSA-2020:4347-01, RHSA-2020:4348-01, RHSA-2020:4349-01, RHSA-2020:4350-01, RHSA-2020:4352-01, RHSA-2020:5585-01, RHSA-2020:5586-01, SUSE-SU-2020:14587-1, SUSE-SU-2020:14588-1, SUSE-SU-2020:3159-1, SUSE-SU-2020:3191-1, SUSE-SU-2020:3310-1, SUSE-SU-2020:3359-1, SUSE-SU-2020:3460-1, SUSE-SU-2020:3591-1, SUSE-SU-2020:3932-1, SUSE-SU-2021:0019-1, SUSE-SU-2021:0032-1, USN-4607-1, VIGILANCE-VUL-33649
WebSphere AS: information disclosure via Serialized Objects
An attacker can bypass access restrictions to data via Serialized Objects of WebSphere AS, in order to obtain sensitive information...
6339807, 6357619, CVE-2020-4576, VIGILANCE-VUL-33461
WebSphere AS: information disclosure via Specialized Access
An attacker can bypass access restrictions to data via Specialized Access of WebSphere AS, in order to obtain sensitive information...
6339255, 6343331, 6357619, CVE-2020-4629, VIGILANCE-VUL-33452
WebSphere AS: external XML entity injection
An attacker can transmit malicious XML data to WebSphere AS, in order to read a file, scan sites, or trigger a denial of service...
6334311, 6343331, 6357619, CERTFR-2020-AVI-583, CVE-2020-4643, VIGILANCE-VUL-33363
WebSphere AS: Cross Site Scripting via Server Admin Console
An attacker can trigger a Cross Site Scripting via Server Admin Console of WebSphere AS, in order to run JavaScript code in the context of the web site...
6328895, 6335277, CVE-2020-4578, VIGILANCE-VUL-33291
WebSphere Application Server ND: Cross Site Scripting via High Availability Deployment Manager
An attacker can trigger a Cross Site Scripting via High Availability Deployment Manager of WebSphere Application Server ND, in order to run JavaScript code in the context of the web site...
6323293, 6327363, CVE-2020-4575, VIGILANCE-VUL-33181
WebSphere AS: privilege escalation via UNC Paths
An attacker can bypass restrictions via UNC Paths of WebSphere AS, in order to escalate his privileges...
6255074, 6260987, CERTFR-2020-AVI-481, CVE-2020-4534, VIGILANCE-VUL-32978
WebSphere AS: code execution via SOAP Serialized Objects
An attacker can use a vulnerability via SOAP Serialized Objects of WebSphere AS, in order to run code...
6250059, 6260987, CVE-2020-4464, VIGILANCE-VUL-32865
Apache XML Graphics Batik: information disclosure via SSRF
An attacker can bypass access restrictions to data via SSRF of Apache XML Graphics Batik, in order to obtain sensitive information...
6322683, 6327363, 6344075, CERTFR-2020-AVI-531, cpujan2021, CVE-2019-17566, FEDORA-2020-cf8ef2f333, openSUSE-SU-2020:0851-1, openSUSE-SU-2020:1043-1, SUSE-SU-2020:1800-1, VIGILANCE-VUL-32600