IBM » Websphere Application Server » 7.0.0.3 : Security Vulnerabilities, CVEs, Published In 2014 (Information Leak)
IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.3 allows remote attackers to obtain sensitive information via a crafted URL that triggers an error condition.
Max CVSS
4.3
EPSS Score
0.46%
Published
2014-08-22
Updated
2017-08-29
IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.3 allows remote attackers to obtain sensitive information via a crafted SOAP response.
Max CVSS
4.3
EPSS Score
0.46%
Published
2014-08-22
Updated
2017-08-29
IBM WebSphere Application Server (WAS) 7.0.x before 7.0.0.33, 8.0.x before 8.0.0.9, and 8.5.x before 8.5.5.2 allows remote attackers to obtain sensitive information by leveraging incorrect request handling by the (1) Proxy or (2) ODR server.
Max CVSS
5.0
EPSS Score
0.38%
Published
2014-06-28
Updated
2017-08-29
IBM WebSphere Application Server 7.x before 7.0.0.31, when simpleFileServlet static file caching is enabled, allows remote authenticated users to obtain sensitive information via unspecified vectors.
Max CVSS
3.5
EPSS Score
0.12%
Published
2014-01-16
Updated
2017-08-29
4 vulnerabilities found