IBM WebSphere Application Server Multiple Vulnerabilities
Last Update Date:
18 Sep 2019 10:21
Release Date:
18 Sep 2019
4843
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
Multiple vulnerabilities were identified in IBM WebSphere Application Server, a remote user could exploit some of these vulnerabilities to trigger sensitive information disclosure, cross-site scripting and bypass security restriction on the targeted system.
Impact
- Cross-Site Scripting
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- IBM WebSphere Application Server Version 7.0, 8.0, 8.5, 9.0
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:For detail, please refer to the links below:https://www.ibm.com/support/pages/security-bulletin-file-traversal-vulnerability-websphere-application-server-admin-console-cve-2019-4268
https://www.ibm.com/support/pages/security-bulletin-cross-site-scripting-vulnerability-websphere-application-server-admin-console-cve-2019-4270
https://www.ibm.com/support/pages/security-bulletin-information-disclosure-vulnerability-websphere-application-server-cve-2019-4477
Vulnerability Identifier
Source
Related Link
- https://www.auscert.org.au/bulletins/ESB-2019.3516/
- https://www.ibm.com/support/pages/security-bulletin-information-disclosure-vulnerability-websphere-application-server-cve-2019-4477
- https://www.ibm.com/support/pages/security-bulletin-file-traversal-vulnerability-websphere-application-server-admin-console-cve-2019-4268
- https://www.ibm.com/support/pages/security-bulletin-cross-site-scripting-vulnerability-websphere-application-server-admin-console-cve-2019-4270
Share with