Computer vulnerabilities of IBM WebSphere ESB

WebSphere AS: Cross Site Scripting via Admin Console
An attacker can trigger a Cross Site Scripting via Admin Console of WebSphere AS, in order to run JavaScript code in the context of the web site...
1992315, 1996037, 1996038, 1996145, 1996238, 7014463, 7036319, CVE-2016-8934, VIGILANCE-VUL-21297

WebSphere AS: information disclosure via SOAP
An attacker can bypass access restrictions to data via SOAP of WebSphere AS, in order to obtain sensitive information...
1991469, 1995949, 1996037, 1996038, 1996143, 1996240, CVE-2016-9736, VIGILANCE-VUL-21296

Oracle Java: vulnerabilities of October 2016
An attacker can use several vulnerabilities of Oracle Java...
1993440, 1994049, 1994123, 1994478, 1997764, 1999054, 1999395, 1999474, 1999478, 1999479, 1999488, 1999532, 2000212, 2000544, 2000904, 2000988, 2000990, 2001608, 2002331, 2002479, 2002537, 2003145, 2004036, 491108, CERTFR-2016-AVI-349, CERTFR-2017-AVI-012, cpuoct2016, CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5568, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597, DLA-704-1, DSA-3707-1, ESA-2016-137, FEDORA-2016-73054cfeeb, JSA10770, NTAP-20161019-0001, openSUSE-SU-2016:2862-1, openSUSE-SU-2016:2900-1, openSUSE-SU-2016:2985-1, openSUSE-SU-2016:2990-1, openSUSE-SU-2016:3088-1, RHSA-2016:2079-01, RHSA-2016:2088-01, RHSA-2016:2089-01, RHSA-2016:2090-01, RHSA-2016:2136-01, RHSA-2016:2137-01, RHSA-2016:2138-01, RHSA-2016:2658-01, RHSA-2016:2659-01, RHSA-2017:0061-01, SUSE-SU-2016:2887-1, SUSE-SU-2016:3010-1, SUSE-SU-2016:3040-1, SUSE-SU-2016:3041-1, SUSE-SU-2016:3043-1, SUSE-SU-2016:3068-1, SUSE-SU-2016:3078-1, USN-3121-1, USN-3130-1, USN-3154-1, VIGILANCE-VUL-20906, ZDI-16-571

Apache Commons FileUpload: read-write access
An attacker can bypass access restrictions of Apache Commons FileUpload, in order to read or alter files...
2009844, 2011428, 2011689, 528262, 7018113, 7043863, 7048591, CERTFR-2018-AVI-531, cisco-sa-20181107-struts-commons-fileupload, cpuapr2019, cpuapr2020, cpujan2019, cpujan2021, cpujul2019, cpujul2020, cpuoct2019, CVE-2016-1000031, DSA-2018-210, openSUSE-SU-2019:1399-1, SUSE-SU-2019:1212-2, SUSE-SU-2019:1214-1, SUSE-SU-2019:14044-1, TRA-2016-12, VIGILANCE-VUL-20892, ZDI-16-570

WebSphere AS: information disclosure via Server Identification
An attacker can bypass access restrictions to data via Server Identification of WebSphere AS, in order to obtain sensitive information...
1990056, 1990724, 1991900, 1991987, 1995793, 2002049, 2002050, 7014463, CVE-2016-5986, VIGILANCE-VUL-20625

WebSphere AS: information disclosure via HttpSessionIdReuse
An attacker can bypass access restrictions to data via HttpSessionIdReuse of WebSphere AS, in order to obtain sensitive information...
1982588, 1989628, 7014463, CVE-2016-0385, VIGILANCE-VUL-20407

WebSphere AS: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of WebSphere AS, in order to force the victim to perform operations...
1980645, 1989353, 1989628, 1995384, 7014463, CVE-2016-0377, VIGILANCE-VUL-20406

WebSphere AS: denial of service via SIP
An attacker can send a malicious SIP packet to IBM WebSphere AS, in order to trigger a denial of service...
1984796, 1989351, 1989628, 7014463, CVE-2016-2960, VIGILANCE-VUL-20285

Oracle Java: vulnerabilities of July 2016
An attacker can use several vulnerabilities of Oracle Java...
1988339, 1988894, 1988978, 1989049, 1989337, 1990031, 1990448, 1991383, 1991909, 1991910, 1991911, 1991913, 1991997, 1995792, 1995799, 2001630, 2007242, 486953, CERTFR-2016-AVI-243, cpujul2016, CVE-2016-3458, CVE-2016-3485, CVE-2016-3498, CVE-2016-3500, CVE-2016-3503, CVE-2016-3508, CVE-2016-3511, CVE-2016-3550, CVE-2016-3552, CVE-2016-3587, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610, DLA-579-1, DSA-3641-1, ESA-2016-099, FEDORA-2016-588e386aaa, FEDORA-2016-c07d18b2a5, FEDORA-2016-c60d35c46c, openSUSE-SU-2016:2050-1, openSUSE-SU-2016:2051-1, openSUSE-SU-2016:2052-1, openSUSE-SU-2016:2058-1, RHSA-2016:1458-01, RHSA-2016:1475-01, RHSA-2016:1476-01, RHSA-2016:1477-01, RHSA-2016:1504-01, RHSA-2016:1587-01, RHSA-2016:1588-01, RHSA-2016:1589-01, RHSA-2016:1776-01, SB10166, SOL05016441, SOL25075696, SUSE-SU-2016:1997-1, SUSE-SU-2016:2012-1, SUSE-SU-2016:2261-1, SUSE-SU-2016:2286-1, SUSE-SU-2016:2347-1, SUSE-SU-2016:2348-1, SUSE-SU-2016:2726-1, USN-3043-1, USN-3062-1, USN-3077-1, VIGILANCE-VUL-20169, ZDI-16-445, ZDI-16-446, ZDI-16-447, ZDI-16-448

Apache Tomcat: denial of service via FileUpload
An attacker can send files of a specially chosen size to Apache Tomcat, in order to overload the server...
1987864, 1989628, 1990172, 1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1992835, 1995388, 1995793, 2000095, 2000544, 2001563, 2012109, 2015814, 7014463, bulletinjul2016, c05324759, cpuapr2017, cpuapr2018, cpujul2017, cpujul2018, cpuoct2017, CVE-2016-3092, DLA-528-1, DLA-529-1, DSA-3609-1, DSA-3611-1, DSA-3614-1, FEDORA-2016-0a4dccdd23, FEDORA-2016-2b0c16fd82, HPSBUX03665, openSUSE-SU-2016:2252-1, RHSA-2016:2068-01, RHSA-2016:2069-01, RHSA-2016:2070-01, RHSA-2016:2071-01, RHSA-2016:2072-01, RHSA-2016:2599-02, RHSA-2016:2807-01, RHSA-2016:2808-01, RHSA-2017:0455-01, RHSA-2017:0456-01, RHSA-2017:0457-01, SUSE-SU-2017:1660-1, USN-3024-1, USN-3027-1, VIGILANCE-VUL-19953

Our database contains other pages. You can request a free trial to read them.

Display information about IBM WebSphere ESB:

https://www.ibm.com/support/knowledgecenter/en/SS7J6S/mapfiles/product_welcome.html