This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:ibm:websphere_application_server
Detail
VendorIbmFirst view 2001-09-19
ProductWebsphere Application ServerLast view2016-11-24
VersionTypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:ibm:websphere_application_server

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32016-11-24CVE-2016-0378NetworkMediumNone Requ...
6.42016-06-06CVE-2015-5041NetworkLowNone Requ...
4.32015-03-31CVE-2015-2808NetworkMediumNone Requ...
4.32013-04-24CVE-2013-0542NetworkMediumNone Requ...
4.32013-03-15CVE-2013-2566NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32012-11-14CVE-2012-4851NetworkMediumNone Requ...
6.82012-05-01CVE-2012-2162NetworkMediumNone Requ...
6.82011-07-18CVE-2010-3271NetworkMediumNone Requ...
52011-03-08CVE-2011-1318NetworkLowNone Requ...
52011-03-08CVE-2011-1316NetworkLowNone Requ...
52011-03-08CVE-2011-1315NetworkLowNone Requ...
52011-03-08CVE-2011-1314NetworkLowNone Requ...
62011-03-08CVE-2011-1311NetworkMediumRequires ...
7.52011-03-08CVE-2011-1309NetworkLowNone Requ...
4.32011-03-08CVE-2011-1308NetworkMediumNone Requ...
2.12011-03-08CVE-2011-1307LocalLowNone Requ...
4.32010-06-18CVE-2010-2325NetworkMediumNone Requ...
7.52010-06-18CVE-2010-2324NetworkLowNone Requ...
52010-06-18CVE-2010-2323NetworkLowNone Requ...
4.32010-05-27CVE-2010-2087NetworkMediumNone Requ...
42010-04-01CVE-2010-0770NetworkLowRequires ...
1.92010-04-01CVE-2010-0769LocalMediumNone Requ...
4.32010-04-01CVE-2010-0768NetworkMediumNone Requ...
102009-06-03CVE-2009-1901NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
25% (9)CWE-200Information Exposure
19% (7)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
13% (5)CWE-399Resource Management Errors
13% (5)CWE-264Permissions, Privileges, and Access Controls
11% (4)CWE-310Cryptographic Issues
Hide | Show 4 More...
%idName
5% (2)CWE-352Cross-Site Request Forgery (CSRF)
5% (2)CWE-20Improper Input Validation
2% (1)CWE-255Credentials Management
2% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:28927Vulnerability in IBM SDK Java JSSE affects AIX
oval:org.mitre.oval:def:19915RC4 algorithm vulnerability

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
73378IBM WebSphere Application Server (WAS) JavaServer Pages org.apache.jasper.run...
73354IBM WebSphere Application Server (WAS) HTTP Transport SIP Proxy UDP Message S...
73353IBM WebSphere Application Server (WAS) Messaging Engine JMS Receive Call NULL...
73352IBM WebSphere Application Server (WAS) Service Integration Bus (SIB) Messagin...
73348IBM WebSphere Application Server (WAS) Security Component ibm-application-bnd...
Hide | Show 20 More...
idDescription
73346IBM WebSphere Application Server (WAS) HTTP Server Plugin Trace Request XSS
73341IBM WebSphere Application Server (WAS) Installer Temporary Log Directory Perm...
73052IBM WebSphere Application Server Admin Security Disable CSRF
71456IBM WebSphere Application Server IVT Unspecified XSS
65653IBM WebSphere Application Server (WAS) on z/OS default_create.log BBOWWPFx Jo...
65652IBM WebSphere Application Server (WAS) on z/OS Unspecified Link Injection
65651IBM WebSphere Application Server (WAS) on z/OS Admin Console Unspecified XSS
65430Oracle Mojarra Unencrypted ViewState Serialized View Object Manipulation Arbi...
63480IBM WebSphere Application Server (WAS) Administration Console URI XSS
63308IBM WebSphere Application Server Orb Client SSL Handshake Remote DoS
63307IBM WebSphere Application Server J2CConnectionFactory Object Cleartext Passwo...
55077IBM WebSphere Application Server (WAS) Administrative Console Component Confi...
55076IBM WebSphere Application Server (WAS) System Management/Repository Component...
55075IBM WebSphere Application Server (WAS) Security Component Non-standard HTTP M...
55074IBM WebSphere Application Server (WAS) Administrative Console Component Secur...
53979IBM WebSphere Application Server (WAS) WebContainer Component Unspecified CRL...
52600IBM WebSphere Application Server (WAS) Web Services WSPolicy IDAssertion.isUs...
52599IBM WebSphere Application Server (WAS) on Windows JSP Handling Unspecified Ex...
52598IBM WebSphere Application Server (WAS) Unspecified SSL Traffic Routing Weakness
52595IBM WebSphere Application Server (WAS) PMI/Performance Tools PerfServlet Mult...

ExploitDB Exploits

idDescription
17404IBM WebSphere Application Server 7.0.0.13 CSRF Vulnerability

OpenVAS Exploits

idDescription
2012-05-11Name : IBM WebSphere Application Server 'plugin-key.kdb' Information Disclosure Vuln...
File : nvt/gb_ibm_was_plugin_key_info_disc_vuln.nasl
2011-07-22Name : IBM WebSphere Application Server Multiple CSRF Vulnerabilities
File : nvt/secpod_ibm_was_admin_console_csrf_vuln.nasl
2011-03-22Name : IBM WebSphere Application Server (WAS) Multiple Vulnerabilities - March 2011
File : nvt/gb_ibm_was_mult_vuln_mar11.nasl
2010-04-01Name : IBM WebSphere Application Server multiple vulnerabilities
File : nvt/gb_ibm_websphere_mult_vuln.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0158Multiple Vulnerabilities in Oracle Java SE
Severity : Category I - VMSKEY : V0061089
2013-A-0220Multiple Vulnerabilities in Mozilla Products
Severity : Category I - VMSKEY : V0042380

Snort® IPS/IDS

DateDescription
2017-04-12SSL/TLS weak RC4 cipher suite use attempt
RuleID : 41907 - Type : POLICY-OTHER - Revision : 3
2017-04-06SSLv3 Client Hello attempt
RuleID : 41807 - Type : POLICY-OTHER - Revision : 2
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37916 - Type : POLICY-OTHER - Revision : 3
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37915 - Type : POLICY-OTHER - Revision : 3
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37914 - Type : POLICY-OTHER - Revision : 3
Hide | Show 4 More...
DateDescription
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37913 - Type : POLICY-OTHER - Revision : 3
2016-04-05SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37912 - Type : POLICY-OTHER - Revision : 3
2016-03-14SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37026 - Type : POLICY-OTHER - Revision : 4
2016-03-14SSL/TLS weak RC4 cipher suite use attempt
RuleID : 37025 - Type : POLICY-OTHER - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2017-12-04Name : The remote host is missing a vendor-supplied security patch.
File : check_point_gaia_sk106499.nasl - Type : ACT_GATHER_INFO
2016-07-25Name : The remote web server is affected by multiple vulnerabilities.
File : oracle_http_server_cpu_jul_2016.nasl - Type : ACT_GATHER_INFO
2016-07-19Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-1430.nasl - Type : ACT_GATHER_INFO
2016-07-14Name : A video conferencing application running on the remote host is affected by mu...
File : cisco_telepresence_vcs_multiple_880.nasl - Type : ACT_GATHER_INFO
2016-06-23Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa10727.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2016-06-16Name : The remote host is affected by a security feature bypass vulnerability.
File : ibm_storwize_cve_2015_2808.nasl - Type : ACT_GATHER_INFO
2016-04-29Name : The remote host is affected by multiple vulnerabilities.
File : hp_data_protector_hpsbgn03580.nasl - Type : ACT_GATHER_INFO
2016-03-17Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0776-1.nasl - Type : ACT_GATHER_INFO
2016-03-16Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0770-1.nasl - Type : ACT_GATHER_INFO
2016-03-04Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0636-1.nasl - Type : ACT_GATHER_INFO
2016-03-01Name : The remote AIX host has a version of Java SDK installed that is affected by m...
File : aix_java_jan2016_advisory.nasl - Type : ACT_GATHER_INFO
2016-02-29Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U867669.nasl - Type : ACT_GATHER_INFO
2016-02-12Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0431-1.nasl - Type : ACT_GATHER_INFO
2016-02-12Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0433-1.nasl - Type : ACT_GATHER_INFO
2016-02-11Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0390-1.nasl - Type : ACT_GATHER_INFO
2016-02-03Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0098.nasl - Type : ACT_GATHER_INFO
2016-02-03Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0099.nasl - Type : ACT_GATHER_INFO
2016-02-03Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0100.nasl - Type : ACT_GATHER_INFO
2016-02-03Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-0101.nasl - Type : ACT_GATHER_INFO
2016-01-14Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-0113-1.nasl - Type : ACT_GATHER_INFO
2016-01-06Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_nix.nasl - Type : ACT_GATHER_INFO
2016-01-06Name : The remote database server is affected by multiple vulnerabilities.
File : db2_105fp7_win.nasl - Type : ACT_GATHER_INFO
2016-01-04Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201512-10.nasl - Type : ACT_GATHER_INFO
2015-12-21Name : The remote web server is affected by a security feature bypass vulnerability.
File : ibm_http_server_bar_mitzvah.nasl - Type : ACT_GATHER_INFO
2015-12-07Name : The remote web server hosts a web application that is potentially affected by...
File : jira_6_4_10.nasl - Type : ACT_GATHER_INFO