IBM Websphere Application Server Multiple Vulnerabilities
Last Update Date:
17 Feb 2015 10:11
Release Date:
17 Feb 2015
3598
Views
RISK: Medium Risk
TYPE: Servers - Web Servers
Multiple vulnerabilities were identified in IBM Websphere Application Server, which could be exploited by remote attackers to cause arbitrary code execution, denial of service, cross site scripting, sensitive information disclosure and unauthorised access.
Impact
- Cross-Site Scripting
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Version 8.5 Full Profile
- Version 8.5 Liberty Profile
- Version 8
- Version 7
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued interim fixes for the affected versions:
http://www-01.ibm.com/support/docview.wss?uid=swg21695392
Vulnerability Identifier
- CVE-2014-6174
- CVE-2014-6167
- CVE-2014-6166
- CVE-2014-6164
- CVE-2014-4816
- CVE-2014-4770
- CVE-2014-4764
- CVE-2014-3566
- CVE-2014-3083
- CVE-2014-3070
- CVE-2014-3021
- CVE-2014-0231
- CVE-2014-0226
- CVE-2014-0118
- CVE-2014-0076
- CVE-2013-5704
Source
Related Link
Share with