) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:websphere_extreme_scale:8.5.0:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-2861 |
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 does not properly encrypt data, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. Published: July 02, 2016; 10:59:10 AM -0400 |
V3.0: 3.7 LOW V2.0: 4.3 MEDIUM |
| CVE-2016-0400 |
CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. Published: July 02, 2016; 10:59:05 AM -0400 |
V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2013-5394 |
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors. Published: October 16, 2013; 6:52:45 AM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
| CVE-2013-5393 |
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors. Published: October 16, 2013; 6:52:45 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2013-5390 |
Cross-site scripting (XSS) vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Published: October 16, 2013; 6:52:45 AM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |