Known Vulnerabilities
CVE-2019-4269
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console could allow a remote attacker to obtain sensitive information when a specially crafted url causes a stack trace to be dumped. IBM X-Force ID: 160202.
MEDIUM
CVSS 5.3
Published Jun 28, 2019
CVE-2018-1957
IBM WebSphere Application Server 9 could allow sensitive information to be available caused by mishandling of data by the application based on an incorrect return by the httpServletRequest#authenticate() API when an unprotected URI is accessed. IBM X-Force ID: 153629.
MEDIUM
CVSS 4.0
Published Dec 10, 2018
CVE-2017-1788
IBM WebSphere Application Server 9 installations using Form Login could allow a remote attacker to conduct spoofing attacks. IBM X-Force ID: 137031.
MEDIUM
CVSS 5.3
Published Mar 22, 2018