Asset resource type (WebSphere Application Server traditional server)
Asset resource types describe servers and runtimes that are managed and monitored by WebSphere Automation. An asset event carries the asset's full record: in the examples below this includes the server's `unresolvedVulnerabilities` (security bulletin, CVE identifiers, CVSS base scores, and the fix-pack or iFix remediation version range for each one) together with deployment details such as the host name, installation and profile directories, cell and node names, and the administrative console URL. Because the payload identifies exactly which unpatched issues and which reachable endpoints a host has, consumers of these events should treat it as sensitive configuration data and restrict where it is forwarded or stored.
Example asset created event (WebSphere Application Server traditional server)
{
"type" : "CREATE",
"asset" : {
"created" : "2023-06-12T10:39:50Z",
"createdBy" : "server-registration-processor",
"id" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"name" : "server1@defected1.example.com",
"updated" : "2023-06-12T10:39:50Z",
"updatedBy" : "server-registration-processor",
"apars" : [ ],
"hostName" : "defected1.example.com",
"operatingSystem" : "Linux",
"operatingSystemVersion" : "3.10.0-1160.90.1.el7.x86_64",
"productName" : "WebSphere Application Server Network Deployment",
"type" : "traditional",
"unresolvedVulnerabilities" : [ {
"created" : "2023-06-12T10:39:50Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "63d3b3f2-e49e-378b-a339-ac3753d48d33",
"name" : "6839565 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T10:39:50Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21626"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2022-21624"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6839565",
"endVersion" : "8.0.7.19",
"fixPack" : "8.0.7.20",
"iFixes" : [ "PH50734" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f0a4388b-cbb5-3e46-a267-f230db98c073"
}, {
"created" : "2023-06-12T10:39:50Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "677299b0-2524-3c66-9c36-85c16a0a3690",
"name" : "6594523 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T10:39:50Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21299"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.",
"id" : "CVE-2022-21496"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6594523",
"endVersion" : "8.0.7.9",
"fixPack" : "8.0.7.10",
"iFixes" : [ "PH46425" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "12959664-bdcc-396a-b0af-f15886b07354"
}, {
"created" : "2023-06-12T10:39:50Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "64f1d4d4-4ea5-367d-93fe-9317af030897",
"name" : "6980375 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T10:39:50Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21426"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Serialization component could allow a remote attacker to cause a denial of service resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2023-21830"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6980375",
"endVersion" : "8.0.7.99",
"fixPack" : "8.0.8.0",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1775bdd2-6649-350f-9442-0fbd4abeb4f7"
}, {
"created" : "2023-06-12T10:39:50Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "5041b7c1-f13a-34aa-b544-94a22aab4960",
"name" : "6616953 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T10:39:50Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.",
"id" : "CVE-2021-2163"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6616953",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH48649" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "ce701624-9b78-3923-bc80-967995bab0da"
}, {
"created" : "2023-06-12T10:39:50Z",
"createdBy" : "server-registration-processor",
"description" : "There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether this vulnerability is applicable to your code. Refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information.",
"id" : "69999989-8e75-38c2-9c73-f75ffc4dcf59",
"name" : "6986617 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T10:39:50Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE components could expose sensitive information using a combination of flaws and configurations.",
"id" : "CVE-2023-30441"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6986617",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "eb0bc67a-81be-3497-a33c-ae909eef69da"
}, {
"created" : "2023-06-12T10:39:50Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "f360346c-e134-39fb-ac92-61e089e2bf7f",
"name" : "7001677 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T10:39:50Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21937"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow a remote attacker to cause high availability impact.",
"id" : "CVE-2023-21954"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Libraries component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21938"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Hotspot component could allow a remote attacker to cause high confidentiality impact.",
"id" : "CVE-2023-21967"
}, {
"cvssBaseScore" : 7.4,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high integrity impact.",
"id" : "CVE-2023-21930"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE and GraalVM Enterprise Edition related to the Libraries component could allow an unauthenticated attacker to cause low integrity impact.",
"id" : "CVE-2023-21968"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/7001677",
"endVersion" : "8.0.8.4",
"fixPack" : "8.0.8.5",
"iFixes" : [ "PH54908" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "c0533ed3-cdf3-3305-a667-7757bdeaca62"
} ],
"version" : "9.0.5.7",
"adminUiUrl" : "http://10.21.12.91:9060/ibm/console",
"edition" : "ND",
"groups" : [ "test", "WebSphere Cells", "WebSphere Cells/DefaultCell01", "WebSphere Cells/DefaultCell01/WebSphere Nodes", "WebSphere Cells/DefaultCell01/WebSphere Nodes/DefaultNode01" ],
"installDirectory" : "/opt/WAS",
"jdkId" : "f0842917-7c96-389e-b99f-302df459f944",
"lastContact" : "2023-06-12T10:39:50Z",
"profileDirectory" : "/opt/WAS/profiles/AppSrv01",
"serverName" : "server1",
"serverType" : "application-server",
"cellName" : "DefaultCell01",
"nodeName" : "DefaultNode01"
}
}
Example asset updated event (WebSphere Application Server traditional server)
{
"type" : "UPDATE",
"asset" : {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "server-registration-processor",
"id" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"name" : "server1@defected1.example.com",
"updated" : "2023-06-12T10:21:41Z",
"updatedBy" : "server-registration-processor",
"apars" : [ "PH37034", "PH42728", "PH43148", "PH38485", "PH34122", "PH42762" ],
"hostName" : "defected1.example.com",
"operatingSystem" : "Linux",
"operatingSystemVersion" : "3.10.0-1160.90.1.el7.x86_64",
"productName" : "WebSphere Application Server Network Deployment",
"type" : "traditional",
"unresolvedVulnerabilities" : [ {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "63d3b3f2-e49e-378b-a339-ac3753d48d33",
"name" : "6839565 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21626"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2022-21624"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6839565",
"endVersion" : "8.0.7.19",
"fixPack" : "8.0.7.20",
"iFixes" : [ "PH50734" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f0a4388b-cbb5-3e46-a267-f230db98c073"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "677299b0-2524-3c66-9c36-85c16a0a3690",
"name" : "6594523 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21299"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.",
"id" : "CVE-2022-21496"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6594523",
"endVersion" : "8.0.7.9",
"fixPack" : "8.0.7.10",
"iFixes" : [ "PH46425" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "12959664-bdcc-396a-b0af-f15886b07354"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "64f1d4d4-4ea5-367d-93fe-9317af030897",
"name" : "6980375 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21426"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Serialization component could allow a remote attacker to cause a denial of service resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2023-21830"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6980375",
"endVersion" : "8.0.7.99",
"fixPack" : "8.0.8.0",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1775bdd2-6649-350f-9442-0fbd4abeb4f7"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "5041b7c1-f13a-34aa-b544-94a22aab4960",
"name" : "6616953 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.",
"id" : "CVE-2021-2163"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6616953",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH48649" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "ce701624-9b78-3923-bc80-967995bab0da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether this vulnerability is applicable to your code. Refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information.",
"id" : "69999989-8e75-38c2-9c73-f75ffc4dcf59",
"name" : "6986617 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE components could expose sensitive information using a combination of flaws and configurations.",
"id" : "CVE-2023-30441"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6986617",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "eb0bc67a-81be-3497-a33c-ae909eef69da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "f360346c-e134-39fb-ac92-61e089e2bf7f",
"name" : "7001677 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21937"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow a remote attacker to cause high availability impact.",
"id" : "CVE-2023-21954"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Libraries component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21938"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Hotspot component could allow a remote attacker to cause high confidentiality impact.",
"id" : "CVE-2023-21967"
}, {
"cvssBaseScore" : 7.4,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high integrity impact.",
"id" : "CVE-2023-21930"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE and GraalVM Enterprise Edition related to the Libraries component could allow an unauthenticated attacker to cause low integrity impact.",
"id" : "CVE-2023-21968"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/7001677",
"endVersion" : "8.0.8.4",
"fixPack" : "8.0.8.5",
"iFixes" : [ "PH54908" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "c0533ed3-cdf3-3305-a667-7757bdeaca62"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed.",
"id" : "c4686ba1-62b7-3b3d-ac80-48dba51f076a",
"name" : "6603417 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.1,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2022-22477"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH50116" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "8802da81-52eb-3c2f-93f7-12a6875b026a"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to a privilege escalation vulnerability. This has been addressed.",
"id" : "35b3dd3c-fac9-3e33-bd31-ac6fd27a8951",
"name" : "6462627 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.2,
"description" : "IBM WebSphere Application Server is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI).",
"id" : "CVE-2021-29754"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH36253" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "be374926-02be-3165-8714-c06108174d80"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache Commons FileUpload library used by IBM WebSphere Application Server and used by IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0 or servlet-6.0 feature enabled. This has been addressed in the remediation section.",
"id" : "433af02b-da8d-3f6e-ab2c-bf59f8dca3a4",
"name" : "6982047 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limiting the number of request parts to be processed in the file upload function. By sending a specially-crafted request with a series of uploads, a remote attacker could exploit this vulnerability to cause a denial of service condition.",
"id" : "CVE-2023-24998"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.15",
"fixPack" : "9.0.5.16",
"iFixes" : [ "PH50863" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7e38c015-dd84-351a-8084-47eeda5fc3e4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to a Denial of Service. This has been addressed.",
"id" : "a2140afb-b68f-351c-a7ae-5958058ecfe1",
"name" : "6524674 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "IBM WebSphere Application Server is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources.",
"id" : "CVE-2021-38951"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH41676" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f5697581-ef60-3b61-a7bd-f7a35fe31c09"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to spoofing when the Ajax Proxy Web Application (AjaxProxy.war) is deployed. This has been addressed.",
"id" : "1cb30b87-cfac-3d3a-8819-448212c5ef72",
"name" : "6587947 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.6,
"description" : "IBM WebSphere Application Server, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames.",
"id" : "CVE-2022-22365"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.12",
"fixPack" : "9.0.5.13",
"iFixes" : [ "PH44339" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "dea61e89-3789-3bb9-8919-2eece51ac6e4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to a privilege escalation vulnerability. This has been addressed.",
"id" : "0313e954-fc3a-30c0-871b-1b27aed82dc0",
"name" : "6476678 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.0,
"description" : "IBM WebSphere Application Server could allow a remote user to gain elevated privileges on the system.",
"id" : "CVE-2021-29736"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.8",
"fixPack" : "9.0.5.9",
"iFixes" : [ "PH34690" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7e319bee-f621-3c68-89db-e02d75e4a096"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server traditional is vulnerable to a remote code execution vulnerability. This has been addressed.",
"id" : "2cf78bf7-89ae-3212-ae1f-971cdeffb08d",
"name" : "6891111 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.1,
"description" : "IBM WebSphere Application Server traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects.",
"id" : "CVE-2023-23477"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ ],
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "61ef025f-d114-3a62-8364-5d6da16fe406"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to clickjacking when REST API discovery is configured through the WebSphere administrative console Web Container settings to enable the API Discovery service, or through IBM WebSphere Application Server Liberty features mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, apiDiscovery-1.0, openapi-3.0 or openapi-3.1. This has been addressed.",
"id" : "c6adb21f-da01-3e00-ad4a-780564c24fd0",
"name" : "6559044 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.4,
"description" : "IBM WebSphere Application Server could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.",
"id" : "CVE-2021-39038"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6559044",
"endVersion" : "9.0.5.11",
"fixPack" : "9.0.5.12",
"iFixes" : [ "PH43760" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "9ba75eb9-b77d-3071-843b-4f487d79f9f4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed in the remediation section.",
"id" : "a5738dd9-a9e6-3f47-9fea-49c3cc66814c",
"name" : "6964836 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.4,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2023-26283"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.14",
"fixPack" : "9.0.5.15",
"iFixes" : [ "PH52925" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "3c7e6c23-1aca-3ef3-9a65-67c328c5853f"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross site scripting in the Admin Console. This has been addressed in the remediation section.",
"id" : "a4c6b74b-5384-3ac3-bc38-fbf963faf2e7",
"name" : "6986333 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.1,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2023-24966"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.15",
"fixPack" : "9.0.5.16",
"iFixes" : [ "PH52785" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1e91ecba-f905-35b9-8914-b94fbe1c5d10"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed.",
"id" : "cce3f85c-5e93-3e54-8df5-a05f94a4806d",
"name" : "6445481 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.2,
"description" : "IBM WebSphere Application Server is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2021-20454"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34048" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "08348fe6-671e-3532-96eb-b60a58a03367"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache MyFaces library used by WebSphere Application Server. This has been addressed.",
"id" : "e9b23440-3250-30ec-8bca-c0c50c7e8f78",
"name" : "6441433 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.8,
"description" : "Apache MyFaces is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.",
"id" : "CVE-2021-26296"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34711" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7814fd6a-4917-3874-b7b8-37522966a735"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed.",
"id" : "92e7e186-3cac-3a8e-be3e-a79bd9476171",
"name" : "6619699 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.4,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2022-34336"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH47531" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "8105e268-19d7-3957-a696-19a7d46fe79f"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server configured with a federated repository is vulnerable to information disclosure. This has been addressed.",
"id" : "b3416175-d897-39fc-8850-05fbc3f6906b",
"name" : "6489485 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "IBM WebSphere Application Server could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts.",
"id" : "CVE-2021-29842"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.9",
"fixPack" : "9.0.5.10",
"iFixes" : [ "PH38929" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "791c10df-84f1-3028-864a-4292ddd58959"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to a server-side request forgery vulnerability. This has been addressed.",
"id" : "782aee30-3fac-3135-bba0-b93f1076d622",
"name" : "6824179 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.3,
"description" : "IBM WebSphere Application Server is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data.",
"id" : "CVE-2022-35282"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH47385" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "ec6eca06-f907-3462-8bc3-f4d2eca13f9c"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to SOAPAction spoofing when processing JAX-WS Web Services requests. This has been addressed.",
"id" : "e3517f60-d418-3950-89b8-e283f4dfe04c",
"name" : "6829907 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.9,
"description" : "IBM WebSphere Application Server Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations.",
"id" : "CVE-2022-38712"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH49111" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "87678508-9609-3d99-8ac8-0475b5614840"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) vulnerability. This has been addressed.",
"id" : "5a698e36-7edb-3c94-bbbe-0d9739a3a851",
"name" : "6456017 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.5,
"description" : "IBM WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2021-20492"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34906" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "811e686e-3e94-3abc-a6cd-35cc6238bca1"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed in the remediation section.",
"id" : "93d1ff77-bda1-3b5c-bf78-dbd5e898db0c",
"name" : "6989451 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"XForceId" : "249185",
"cvssBaseScore" : 6.3,
"description" : "IBM WebSphere Application Server is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2023-27554"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.15",
"fixPack" : "9.0.5.16",
"iFixes" : [ "PH53252" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "52519c1a-76fe-3be2-b73e-cb18f3fc9892"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to HTTP header injection when processing web requests. This has been addressed.",
"id" : "729d3265-623c-38ee-8cc3-210279352fe3",
"name" : "6618747 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.4,
"description" : "IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting.",
"id" : "CVE-2022-34165"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH46816" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1c5264cc-d6d0-3d3a-8c17-a655998215af"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server ND is vulnerable to a directory traversal vulnerability. This has been addressed.",
"id" : "fafdcaf0-1826-3229-9d81-38515ac340d1",
"name" : "6456955 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.4,
"description" : "IBM WebSphere Application Server Network Deployment could allow a remote authenticated attacker to traverse directories. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to read and delete arbitrary files on the system.",
"id" : "CVE-2021-20517"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH35098" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "90ca94f2-485a-3165-9b51-13bf6e2a3acb"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There are multiple vulnerabilities in Apache HttpComponents and HttpCommons libraries which affect WebSphere Application Server. This has been addressed.",
"id" : "635e7d2f-8bd6-30ae-9c10-24f45cb5a930",
"name" : "6453091 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.3,
"description" : "Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by an incomplete fix related to the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.",
"id" : "CVE-2012-6153"
}, {
"cvssBaseScore" : 5.0,
"description" : "Apache HttpComponents could allow a remote attacker to obtain sensitive information, caused by an unspecified error in HttpClient. An attacker could exploit this vulnerability to send the Proxy-Authorization header to the host and disclose the user's password.",
"id" : "CVE-2011-1498"
}, {
"cvssBaseScore" : 5.3,
"description" : "Apache Commons is vulnerable to a denial of service, caused by the failure to apply a configured connection during the initial handshake of an HTTPS connection by the HttpClient component. An attacker could exploit this vulnerability to accumulate multiple connections and exhaust all available resources.",
"id" : "CVE-2015-5262"
}, {
"cvssBaseScore" : 4.3,
"description" : "Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.",
"id" : "CVE-2014-3577"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6453091",
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34944", "PH34501" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "73ef7448-5ee3-381b-b981-f975f3b1ce9e"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to an information disclosure vulnerability. This has been addressed.",
"id" : "f5c8bbde-1a85-3689-9d86-9b26d4d4c4b0",
"name" : "6603421 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "IBM WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system.",
"id" : "CVE-2022-22473"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.12",
"fixPack" : "9.0.5.13",
"iFixes" : [ "PH46342" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "be992f69-51a8-3e14-8a4d-bbdf51cc9eb7"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed.",
"id" : "e122b907-7bf3-31ca-9ed3-ac35f592ded9",
"name" : "6445171 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.2,
"description" : "IBM WebSphere Application Server is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2021-20453"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34067" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "bacad8ec-21f7-31c4-938c-5d281bc1202e"
} ],
"version" : "9.0.5.7",
"adminUiUrl" : "http://10.21.12.91:9060/ibm/console",
"edition" : "ND",
"groups" : [ "test", "WebSphere Cells", "WebSphere Cells/DefaultCell01", "WebSphere Cells/DefaultCell01/WebSphere Nodes", "WebSphere Cells/DefaultCell01/WebSphere Nodes/DefaultNode01" ],
"installDirectory" : "/opt/WAS",
"jdkId" : "f0842917-7c96-389e-b99f-302df459f944",
"lastContact" : "2023-06-12T10:21:41Z",
"profileDirectory" : "/opt/WAS/profiles/AppSrv01",
"serverName" : "server1",
"serverType" : "APPLICATION_SERVER",
"cellName" : "DefaultCell01",
"nodeName" : "DefaultNode01"
},
"originalVersion" : {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "server-registration-processor",
"id" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"name" : "server1@defected1.example.com",
"updated" : "2023-06-12T10:19:37Z",
"updatedBy" : "server-registration-processor",
"apars" : [ ],
"hostName" : "defected1.example.com",
"operatingSystem" : "Linux",
"operatingSystemVersion" : "3.10.0-1160.90.1.el7.x86_64",
"productName" : "WebSphere Application Server Network Deployment",
"type" : "TRADITIONAL",
"unresolvedVulnerabilities" : [ {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "63d3b3f2-e49e-378b-a339-ac3753d48d33",
"name" : "6839565 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21626"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2022-21624"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6839565",
"endVersion" : "8.0.7.19",
"fixPack" : "8.0.7.20",
"iFixes" : [ "PH50734" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f0a4388b-cbb5-3e46-a267-f230db98c073"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "677299b0-2524-3c66-9c36-85c16a0a3690",
"name" : "6594523 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21299"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.",
"id" : "CVE-2022-21496"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6594523",
"endVersion" : "8.0.7.9",
"fixPack" : "8.0.7.10",
"iFixes" : [ "PH46425" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "12959664-bdcc-396a-b0af-f15886b07354"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "64f1d4d4-4ea5-367d-93fe-9317af030897",
"name" : "6980375 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21426"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Serialization component could allow a remote attacker to cause a denial of service resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2023-21830"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6980375",
"endVersion" : "8.0.7.99",
"fixPack" : "8.0.8.0",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1775bdd2-6649-350f-9442-0fbd4abeb4f7"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "5041b7c1-f13a-34aa-b544-94a22aab4960",
"name" : "6616953 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.",
"id" : "CVE-2021-2163"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6616953",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH48649" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "ce701624-9b78-3923-bc80-967995bab0da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether this vulnerability is applicable to your code. Refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information.",
"id" : "69999989-8e75-38c2-9c73-f75ffc4dcf59",
"name" : "6986617 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE components could expose sensitive information using a combination of flaws and configurations.",
"id" : "CVE-2023-30441"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6986617",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "eb0bc67a-81be-3497-a33c-ae909eef69da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "f360346c-e134-39fb-ac92-61e089e2bf7f",
"name" : "7001677 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21937"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow a remote attacker to cause high availability impact.",
"id" : "CVE-2023-21954"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Libraries component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21938"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Hotspot component could allow a remote attacker to cause high confidentiality impact.",
"id" : "CVE-2023-21967"
}, {
"cvssBaseScore" : 7.4,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high integrity impact.",
"id" : "CVE-2023-21930"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE and GraalVM Enterprise Edition related to the Libraries component could allow an unauthenticated attacker to cause low integrity impact.",
"id" : "CVE-2023-21968"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/7001677",
"endVersion" : "8.0.8.4",
"fixPack" : "8.0.8.5",
"iFixes" : [ "PH54908" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "c0533ed3-cdf3-3305-a667-7757bdeaca62"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed.",
"id" : "c4686ba1-62b7-3b3d-ac80-48dba51f076a",
"name" : "6603417 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.1,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2022-22477"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH50116" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "8802da81-52eb-3c2f-93f7-12a6875b026a"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache log4j library used by IBM WebSphere Application Server traditional in the Admin Console and UDDI Registry application. This has been addressed in IBM WebSphere Application Server by removing log4j from the Admin Console and UDDI Registry application.",
"id" : "8574b9fe-b61e-3a9b-9285-4d8568007956",
"name" : "6538148 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "Apache Log4j is vulnerable to a denial of service, caused by the failure to protect from uncontrolled recursion from self-referential lookups. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input data that contains a recursive lookup to cause a StackOverflowError that will terminate the process. Note: The vulnerability is also called LOG4J2-3230.",
"id" : "CVE-2021-45105"
}, {
"cvssBaseScore" : 6.6,
"description" : "Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI, an attacker could exploit this vulnerability to execute remote code.",
"id" : "CVE-2021-44832"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6538148",
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH42762" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f7d7516a-64f8-3cc1-8b59-4f767b2b7a6d"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to a privilege escalation vulnerability. This has been addressed.",
"id" : "35b3dd3c-fac9-3e33-bd31-ac6fd27a8951",
"name" : "6462627 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.2,
"description" : "IBM WebSphere Application Server is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI).",
"id" : "CVE-2021-29754"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH36253" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "be374926-02be-3165-8714-c06108174d80"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache log4j library used by IBM WebSphere Application Server in the Admin Console and UDDI Registry application and used by the IBM WebSphere Application Server Liberty for z/OS in features zosConnect-1.0 and zosConnect-1.2. This has been addressed in IBM WebSphere Application Server by removing log4j from the Admin Console and UDDI Registry application. This has been addressed in IBM WebSphere Application Server Liberty for z/OS by removing log4j from the zosConnect-1.0 and zosConnect-1.2 features.",
"id" : "204166a3-16ad-3b80-bccb-f8d5e69d1d44",
"name" : "6526750 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 9.0,
"description" : "Apache Log4j is vulnerable to a denial of service, caused by an incomplete fix of CVE-2021-44228 in certain non-default configurations. A remote attacker with control over Thread Context Map (MDC) input data or a Thread Context Map pattern could exploit this vulnerability by crafting malicious input data using a JNDI Lookup pattern to cause a denial of service.",
"id" : "CVE-2021-45046"
}, {
"cvssBaseScore" : 8.1,
"description" : "Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system.",
"id" : "CVE-2021-4104"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6526750",
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH42762" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7a9fe3c4-0557-342d-86dd-92bb80c27a47"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache Commons FileUpload library used by IBM WebSphere Application Server and used by IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0 or servlet-6.0 feature enabled. This has been addressed in the remediation section.",
"id" : "433af02b-da8d-3f6e-ab2c-bf59f8dca3a4",
"name" : "6982047 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limiting the number of request parts to be processed in the file upload function. By sending a specially-crafted request with a series of uploads, a remote attacker could exploit this vulnerability to cause a denial of service condition.",
"id" : "CVE-2023-24998"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.15",
"fixPack" : "9.0.5.16",
"iFixes" : [ "PH50863" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7e38c015-dd84-351a-8084-47eeda5fc3e4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to a Denial of Service. This has been addressed.",
"id" : "a2140afb-b68f-351c-a7ae-5958058ecfe1",
"name" : "6524674 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "IBM WebSphere Application Server is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources.",
"id" : "CVE-2021-38951"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH41676" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f5697581-ef60-3b61-a7bd-f7a35fe31c09"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to spoofing when the Ajax Proxy Web Application (AjaxProxy.war) is deployed. This has been addressed.",
"id" : "1cb30b87-cfac-3d3a-8819-448212c5ef72",
"name" : "6587947 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.6,
"description" : "IBM WebSphere Application Server, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames.",
"id" : "CVE-2022-22365"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.12",
"fixPack" : "9.0.5.13",
"iFixes" : [ "PH44339" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "dea61e89-3789-3bb9-8919-2eece51ac6e4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to a privilege escalation vulnerability. This has been addressed.",
"id" : "0313e954-fc3a-30c0-871b-1b27aed82dc0",
"name" : "6476678 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.0,
"description" : "IBM WebSphere Application Server could allow a remote user to gain elevated privileges on the system.",
"id" : "CVE-2021-29736"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.8",
"fixPack" : "9.0.5.9",
"iFixes" : [ "PH34690" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7e319bee-f621-3c68-89db-e02d75e4a096"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Dojo library used by IBM WebSphere Application Server traditional in the Admin Console and used by the IBM WebSphere Application Server Liberty with the adminCenter-1.0 feature enabled that allows arbitrary code to be executed in the browser. This has been addressed.",
"id" : "6433c4ec-30c1-3683-9b0d-9999ca94a214",
"name" : "6558594 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 9.8,
"description" : "Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the setObject function. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.",
"id" : "CVE-2021-23450"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6558594",
"endVersion" : "9.0.5.11",
"fixPack" : "9.0.5.12",
"iFixes" : [ "PH43148" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "fa87efd3-6092-392e-b15c-bbab13d5e5b4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server traditional is vulnerable to a remote code execution vulnerability. This has been addressed.",
"id" : "2cf78bf7-89ae-3212-ae1f-971cdeffb08d",
"name" : "6891111 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.1,
"description" : "IBM WebSphere Application Server traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects.",
"id" : "CVE-2023-23477"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ ],
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "61ef025f-d114-3a62-8364-5d6da16fe406"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to clickjacking when REST API discovery is configured through the WebSphere administrative console Web Container settings to enable the API Discovery service, or through IBM WebSphere Application Server Liberty features mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, apiDiscovery-1.0, openapi-3.0 or openapi-3.1. This has been addressed.",
"id" : "c6adb21f-da01-3e00-ad4a-780564c24fd0",
"name" : "6559044 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.4,
"description" : "IBM WebSphere Application Server could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.",
"id" : "CVE-2021-39038"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6559044",
"endVersion" : "9.0.5.11",
"fixPack" : "9.0.5.12",
"iFixes" : [ "PH43760" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "9ba75eb9-b77d-3071-843b-4f487d79f9f4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "Multiple vulnerabilities exist in the Apache Log4j (CVE-2022-23302, CVE-2022-23305, CVE-2022-23307) library used by IBM WebSphere Application Server in the Admin Console and UDDI Registry application. The same Apache library is also used by the IBM WebSphere Application Server Liberty for z/OS in features zosConnect-1.0 and zosConnect-1.2. All vulnerabilities have been addressed previously by removing all existing Apache Log4j versions.",
"id" : "70357d34-411d-3321-a60f-ede653897a55",
"name" : "6557248 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.8,
"description" : "Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system.",
"id" : "CVE-2022-23302"
}, {
"cvssBaseScore" : 6.5,
"description" : "Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database.",
"id" : "CVE-2022-23305"
}, {
"cvssBaseScore" : 9.8,
"description" : "Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.",
"id" : "CVE-2022-23307"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6557248",
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH42762" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "23c15e59-1ef9-3eb5-a175-0845597cdbc1"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed in the remediation section.",
"id" : "a5738dd9-a9e6-3f47-9fea-49c3cc66814c",
"name" : "6964836 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.4,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2023-26283"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.14",
"fixPack" : "9.0.5.15",
"iFixes" : [ "PH52925" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "3c7e6c23-1aca-3ef3-9a65-67c328c5853f"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed in the remediation section.",
"id" : "a4c6b74b-5384-3ac3-bc38-fbf963faf2e7",
"name" : "6986333 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.1,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2023-24966"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.15",
"fixPack" : "9.0.5.16",
"iFixes" : [ "PH52785" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1e91ecba-f905-35b9-8914-b94fbe1c5d10"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Dojo library used by WebSphere Application Server. This has been addressed.",
"id" : "6cbe3fea-f56c-3a85-bc79-44ad1e3f0bb2",
"name" : "6443101 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "Dojo dojo could allow a remote attacker to inject arbitrary code on the system, caused by a prototype pollution flaw. By injecting other values, an attacker could exploit this vulnerability to overwrite, or pollute, a JavaScript application object prototype of the base object.",
"id" : "CVE-2020-5258"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34122" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "990c902a-63a4-358b-bee7-734d343d359b"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed.",
"id" : "cce3f85c-5e93-3e54-8df5-a05f94a4806d",
"name" : "6445481 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.2,
"description" : "IBM WebSphere Application Server is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2021-20454"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34048" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "08348fe6-671e-3532-96eb-b60a58a03367"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache MyFaces library used by WebSphere Application Server. This has been addressed.",
"id" : "e9b23440-3250-30ec-8bca-c0c50c7e8f78",
"name" : "6441433 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.8,
"description" : "Apache MyFaces is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.",
"id" : "CVE-2021-26296"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34711" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7814fd6a-4917-3874-b7b8-37522966a735"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed.",
"id" : "92e7e186-3cac-3a8e-be3e-a79bd9476171",
"name" : "6619699 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.4,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2022-34336"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH47531" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "8105e268-19d7-3957-a696-19a7d46fe79f"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server configured with a federated repository is vulnerable to information disclosure. This has been addressed.",
"id" : "b3416175-d897-39fc-8850-05fbc3f6906b",
"name" : "6489485 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "IBM WebSphere Application Server could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts.",
"id" : "CVE-2021-29842"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.9",
"fixPack" : "9.0.5.10",
"iFixes" : [ "PH38929" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "791c10df-84f1-3028-864a-4292ddd58959"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to a server-side request forgery vulnerability. This has been addressed.",
"id" : "782aee30-3fac-3135-bba0-b93f1076d622",
"name" : "6824179 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.3,
"description" : "IBM WebSphere Application Server is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data.",
"id" : "CVE-2022-35282"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH47385" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "ec6eca06-f907-3462-8bc3-f4d2eca13f9c"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to SOAPAction spoofing when processing JAX-WS Web Services requests. This has been addressed.",
"id" : "e3517f60-d418-3950-89b8-e283f4dfe04c",
"name" : "6829907 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.9,
"description" : "IBM WebSphere Application Server Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations.",
"id" : "CVE-2022-38712"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH49111" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "87678508-9609-3d99-8ac8-0475b5614840"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) vulnerability. This has been addressed.",
"id" : "5a698e36-7edb-3c94-bbbe-0d9739a3a851",
"name" : "6456017 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.5,
"description" : "IBM WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2021-20492"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34906" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "811e686e-3e94-3abc-a6cd-35cc6238bca1"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed in the remediation section.",
"id" : "93d1ff77-bda1-3b5c-bf78-dbd5e898db0c",
"name" : "6989451 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"XForceId" : "249185",
"cvssBaseScore" : 6.3,
"description" : "IBM WebSphere Application Server is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2023-27554"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.15",
"fixPack" : "9.0.5.16",
"iFixes" : [ "PH53252" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "52519c1a-76fe-3be2-b73e-cb18f3fc9892"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to HTTP header injection when processing web requests. This has been addressed.",
"id" : "729d3265-623c-38ee-8cc3-210279352fe3",
"name" : "6618747 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.4,
"description" : "IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting.",
"id" : "CVE-2022-34165"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH46816" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1c5264cc-d6d0-3d3a-8c17-a655998215af"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server ND is vulnerable to a directory traversal vulnerability. This has been addressed.",
"id" : "fafdcaf0-1826-3229-9d81-38515ac340d1",
"name" : "6456955 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.4,
"description" : "IBM WebSphere Application Server Network Deployment could allow a remote authenticated attacker to traverse directories. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to read and delete arbitrary files on the system.",
"id" : "CVE-2021-20517"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH35098" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "90ca94f2-485a-3165-9b51-13bf6e2a3acb"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There are multiple vulnerabilities in Apache HttpComponents and HttpCommons libraries which affect WebSphere Application Server. This has been addressed.",
"id" : "635e7d2f-8bd6-30ae-9c10-24f45cb5a930",
"name" : "6453091 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.3,
"description" : "Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by an incomplete fix related to the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.",
"id" : "CVE-2012-6153"
}, {
"cvssBaseScore" : 5.0,
"description" : "Apache HttpComponents could allow a remote attacker to obtain sensitive information, caused by an unspecified error in HttpClient. An attacker could exploit this vulnerability to send the Proxy-Authorization header to the host and disclose the user's password.",
"id" : "CVE-2011-1498"
}, {
"cvssBaseScore" : 5.3,
"description" : "Apache Commons is vulnerable to a denial of service, caused by the failure to apply a configured connection during the initial handshake of an HTTPS connection by the HttpClient component. An attacker could exploit this vulnerability to accumulate multiple connections and exhaust all available resources.",
"id" : "CVE-2015-5262"
}, {
"cvssBaseScore" : 4.3,
"description" : "Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.",
"id" : "CVE-2014-3577"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6453091",
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34944", "PH34501" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "73ef7448-5ee3-381b-b981-f975f3b1ce9e"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to an information disclosure vulnerability. This has been addressed.",
"id" : "f5c8bbde-1a85-3689-9d86-9b26d4d4c4b0",
"name" : "6603421 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "IBM WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system.",
"id" : "CVE-2022-22473"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.12",
"fixPack" : "9.0.5.13",
"iFixes" : [ "PH46342" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "be992f69-51a8-3e14-8a4d-bbdf51cc9eb7"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed.",
"id" : "e122b907-7bf3-31ca-9ed3-ac35f592ded9",
"name" : "6445171 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.2,
"description" : "IBM WebSphere Application Server is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2021-20453"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34067" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "bacad8ec-21f7-31c4-938c-5d281bc1202e"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache Log4j open source library used by WebSphere Application Server. This affects the WebSphere Application Server Admin Console and the UDDI Registry Application. This vulnerability has been addressed.",
"id" : "026324a2-eaf2-380a-99dc-a94daa8f69e8",
"name" : "6525706 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 10.0,
"description" : "Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against attacker controlled LDAP and other JNDI related endpoints by JNDI features. By sending a specially crafted code string, an attacker could exploit this vulnerability to load arbitrary Java code on the server and take complete control of the system. Note: The vulnerability is also called Log4Shell or LogJam.",
"id" : "CVE-2021-44228"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6525706",
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH42728" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "8d4d608f-2d56-3c67-a8c8-6b963e1ce4c6"
} ],
"version" : "9.0.5.7",
"adminUiUrl" : "http://10.21.12.91:9060/ibm/console",
"edition" : "ND",
"groups" : [ "test", "WebSphere Cells", "WebSphere Cells/DefaultCell01", "WebSphere Cells/DefaultCell01/WebSphere Nodes", "WebSphere Cells/DefaultCell01/WebSphere Nodes/DefaultNode01" ],
"installDirectory" : "/opt/WAS",
"jdkId" : "f0842917-7c96-389e-b99f-302df459f944",
"lastContact" : "2023-06-12T10:19:37Z",
"profileDirectory" : "/opt/WAS/profiles/AppSrv01",
"serverName" : "server1",
"serverType" : "application-server",
"cellName" : "DefaultCell01",
"nodeName" : "DefaultNode01"
}
}
Example asset deleted event (WebSphere Application Server traditional server)
{
"type" : "DELETE",
"asset" : {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "server-registration-processor",
"id" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"name" : "server1@defected1.example.com",
"updated" : "2023-06-12T10:28:27Z",
"updatedBy" : "server-registration-processor",
"apars" : [ ],
"hostName" : "defected1.example.com",
"operatingSystem" : "Linux",
"operatingSystemVersion" : "3.10.0-1160.90.1.el7.x86_64",
"productName" : "WebSphere Application Server Network Deployment",
"type" : "traditional",
"unresolvedVulnerabilities" : [ {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "63d3b3f2-e49e-378b-a339-ac3753d48d33",
"name" : "6839565 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21626"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2022-21624"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6839565",
"endVersion" : "8.0.7.19",
"fixPack" : "8.0.7.20",
"iFixes" : [ "PH50734" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f0a4388b-cbb5-3e46-a267-f230db98c073"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. These might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVEs. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "677299b0-2524-3c66-9c36-85c16a0a3690",
"name" : "6594523 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21299"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JNDI component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.",
"id" : "CVE-2022-21496"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6594523",
"endVersion" : "8.0.7.9",
"fixPack" : "8.0.7.10",
"iFixes" : [ "PH46425" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "12959664-bdcc-396a-b0af-f15886b07354"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "64f1d4d4-4ea5-367d-93fe-9317af030897",
"name" : "6980375 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.",
"id" : "CVE-2022-21426"
}, {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Serialization component could allow a remote attacker to cause a denial of service resulting in a low integrity impact using unknown attack vectors.",
"id" : "CVE-2023-21830"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6980375",
"endVersion" : "8.0.7.99",
"fixPack" : "8.0.8.0",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1775bdd2-6649-350f-9442-0fbd4abeb4f7"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "5041b7c1-f13a-34aa-b544-94a22aab4960",
"name" : "6616953 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 5.3,
"description" : "An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity impact, and no availability impact.",
"id" : "CVE-2021-2163"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6616953",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH48649" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "ce701624-9b78-3923-bc80-967995bab0da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE. If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether this vulnerability is applicable to your code. Refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information.",
"id" : "69999989-8e75-38c2-9c73-f75ffc4dcf59",
"name" : "6986617 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE components could expose sensitive information using a combination of flaws and configurations.",
"id" : "CVE-2023-30441"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6986617",
"endVersion" : "8.0.7.14",
"fixPack" : "8.0.7.15",
"iFixes" : [ "PH53088" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "eb0bc67a-81be-3497-a33c-ae909eef69da"
}, {
"created" : "2023-06-12T09:52:42Z",
"createdBy" : "server-registration-processor",
"description" : "There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM WebSphere Application Server Liberty. These products have addressed the applicable CVE(s). If you run your own Java code using the IBM Java Runtime delivered with this product, you should evaluate your code to determine whether the complete list of vulnerabilities is applicable to your code. For a complete list of vulnerabilities, refer to the link for \"IBM Java SDK Security Bulletin\" located in the References section for more information. HP fixes are on a delayed schedule.",
"id" : "f360346c-e134-39fb-ac92-61e089e2bf7f",
"name" : "7001677 : IBM J9 VM@defected1.example.com",
"updated" : "2023-06-12T09:52:42Z",
"updatedBy" : "server-registration-processor",
"assetId" : "f0842917-7c96-389e-b99f-302df459f944",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21937"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow a remote attacker to cause high availability impact.",
"id" : "CVE-2023-21954"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Libraries component could allow a remote attacker to cause integrity impact.",
"id" : "CVE-2023-21938"
}, {
"cvssBaseScore" : 5.9,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the Hotspot component could allow a remote attacker to cause high confidentiality impact.",
"id" : "CVE-2023-21967"
}, {
"cvssBaseScore" : 7.4,
"description" : "An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to the JSSE component could allow an unauthenticated attacker to cause high confidentiality impact and high integrity impact.",
"id" : "CVE-2023-21930"
}, {
"cvssBaseScore" : 3.7,
"description" : "An unspecified vulnerability in Oracle Java SE and GraalVM Enterprise Edition related to the Libraries component could allow an unauthenticated attacker to cause low integrity impact.",
"id" : "CVE-2023-21968"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/7001677",
"endVersion" : "8.0.8.4",
"fixPack" : "8.0.8.5",
"iFixes" : [ "PH54908" ],
"operator" : "OR",
"startVersion" : "8.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "c0533ed3-cdf3-3305-a667-7757bdeaca62"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed.",
"id" : "c4686ba1-62b7-3b3d-ac80-48dba51f076a",
"name" : "6603417 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.1,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2022-22477"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH50116" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "8802da81-52eb-3c2f-93f7-12a6875b026a"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to a privilege escalation vulnerability. This has been addressed.",
"id" : "35b3dd3c-fac9-3e33-bd31-ac6fd27a8951",
"name" : "6462627 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.2,
"description" : "IBM WebSphere Application Server is vulnerable to a privilege escalation vulnerability when using the SAML Web Inbound Trust Association Interceptor (TAI).",
"id" : "CVE-2021-29754"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH36253" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "be374926-02be-3165-8714-c06108174d80"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache Commons FileUpload library used by IBM WebSphere Application Server and used by IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1, servlet-4.0, servlet-5.0 or servlet-6.0 feature enabled. This has been addressed in the remediation section.",
"id" : "433af02b-da8d-3f6e-ab2c-bf59f8dca3a4",
"name" : "6982047 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limiting the number of request parts to be processed in the file upload function. By sending a specially-crafted request with a series of uploads, a remote attacker could exploit this vulnerability to cause a denial of service condition.",
"id" : "CVE-2023-24998"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.15",
"fixPack" : "9.0.5.16",
"iFixes" : [ "PH50863" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7e38c015-dd84-351a-8084-47eeda5fc3e4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to a Denial of Service. This has been addressed.",
"id" : "a2140afb-b68f-351c-a7ae-5958058ecfe1",
"name" : "6524674 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "IBM WebSphere Application Server is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available CPU resources.",
"id" : "CVE-2021-38951"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH41676" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "f5697581-ef60-3b61-a7bd-f7a35fe31c09"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to spoofing when the Ajax Proxy Web Application (AjaxProxy.war) is deployed. This has been addressed.",
"id" : "1cb30b87-cfac-3d3a-8819-448212c5ef72",
"name" : "6587947 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.6,
"description" : "IBM WebSphere Application Server, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames.",
"id" : "CVE-2022-22365"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.12",
"fixPack" : "9.0.5.13",
"iFixes" : [ "PH44339" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "dea61e89-3789-3bb9-8919-2eece51ac6e4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to a privilege escalation vulnerability. This has been addressed.",
"id" : "0313e954-fc3a-30c0-871b-1b27aed82dc0",
"name" : "6476678 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.0,
"description" : "IBM WebSphere Application Server could allow a remote user to gain elevated privileges on the system.",
"id" : "CVE-2021-29736"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.8",
"fixPack" : "9.0.5.9",
"iFixes" : [ "PH34690" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7e319bee-f621-3c68-89db-e02d75e4a096"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server traditional is vulnerable to a remote code execution vulnerability. This has been addressed.",
"id" : "2cf78bf7-89ae-3212-ae1f-971cdeffb08d",
"name" : "6891111 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.1,
"description" : "IBM WebSphere Application Server traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects.",
"id" : "CVE-2023-23477"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ ],
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "61ef025f-d114-3a62-8364-5d6da16fe406"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to clickjacking when REST API discovery is configured through the WebSphere administrative console Web Container settings to enable the API Discovery service, or through IBM WebSphere Application Server Liberty features mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, apiDiscovery-1.0, openapi-3.0 or openapi-3.1. This has been addressed.",
"id" : "c6adb21f-da01-3e00-ad4a-780564c24fd0",
"name" : "6559044 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.4,
"description" : "IBM WebSphere Application Server could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.",
"id" : "CVE-2021-39038"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6559044",
"endVersion" : "9.0.5.11",
"fixPack" : "9.0.5.12",
"iFixes" : [ "PH43760" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "9ba75eb9-b77d-3071-843b-4f487d79f9f4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed in the remediation section.",
"id" : "a5738dd9-a9e6-3f47-9fea-49c3cc66814c",
"name" : "6964836 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.4,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2023-26283"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.14",
"fixPack" : "9.0.5.15",
"iFixes" : [ "PH52925" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "3c7e6c23-1aca-3ef3-9a65-67c328c5853f"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed in the remediation section.",
"id" : "a4c6b74b-5384-3ac3-bc38-fbf963faf2e7",
"name" : "6986333 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:43Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.1,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2023-24966"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.15",
"fixPack" : "9.0.5.16",
"iFixes" : [ "PH52785" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1e91ecba-f905-35b9-8914-b94fbe1c5d10"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed.",
"id" : "cce3f85c-5e93-3e54-8df5-a05f94a4806d",
"name" : "6445481 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.2,
"description" : "IBM WebSphere Application Server is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2021-20454"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34048" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "08348fe6-671e-3532-96eb-b60a58a03367"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache MyFaces library used by WebSphere Application Server. This has been addressed.",
"id" : "e9b23440-3250-30ec-8bca-c0c50c7e8f78",
"name" : "6441433 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.8,
"description" : "Apache MyFaces is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.",
"id" : "CVE-2021-26296"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34711" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "7814fd6a-4917-3874-b7b8-37522966a735"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed.",
"id" : "92e7e186-3cac-3a8e-be3e-a79bd9476171",
"name" : "6619699 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.4,
"description" : "IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.",
"id" : "CVE-2022-34336"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH47531" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "8105e268-19d7-3957-a696-19a7d46fe79f"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server configured with a federated repository is vulnerable to information disclosure. This has been addressed.",
"id" : "b3416175-d897-39fc-8850-05fbc3f6906b",
"name" : "6489485 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "IBM WebSphere Application Server could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts.",
"id" : "CVE-2021-29842"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.9",
"fixPack" : "9.0.5.10",
"iFixes" : [ "PH38929" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "791c10df-84f1-3028-864a-4292ddd58959"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to a server-side request forgery vulnerability. This has been addressed.",
"id" : "782aee30-3fac-3135-bba0-b93f1076d622",
"name" : "6824179 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.3,
"description" : "IBM WebSphere Application Server is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data.",
"id" : "CVE-2022-35282"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH47385" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "ec6eca06-f907-3462-8bc3-f4d2eca13f9c"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to SOAPAction spoofing when processing JAX-WS Web Services requests. This has been addressed.",
"id" : "e3517f60-d418-3950-89b8-e283f4dfe04c",
"name" : "6829907 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.9,
"description" : "IBM WebSphere Application Server Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations.",
"id" : "CVE-2022-38712"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH49111" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "87678508-9609-3d99-8ac8-0475b5614840"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) vulnerability. This has been addressed.",
"id" : "5a698e36-7edb-3c94-bbbe-0d9739a3a851",
"name" : "6456017 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.5,
"description" : "IBM WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2021-20492"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34906" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "811e686e-3e94-3abc-a6cd-35cc6238bca1"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed in the remediation section.",
"id" : "93d1ff77-bda1-3b5c-bf78-dbd5e898db0c",
"name" : "6989451 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"XForceId" : "249185",
"cvssBaseScore" : 6.3,
"description" : "IBM WebSphere Application Server is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2023-27554"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.15",
"fixPack" : "9.0.5.16",
"iFixes" : [ "PH53252" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "52519c1a-76fe-3be2-b73e-cb18f3fc9892"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to HTTP header injection when processing web requests. This has been addressed.",
"id" : "729d3265-623c-38ee-8cc3-210279352fe3",
"name" : "6618747 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 5.4,
"description" : "IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting.",
"id" : "CVE-2022-34165"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.13",
"fixPack" : "9.0.5.14",
"iFixes" : [ "PH46816" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "1c5264cc-d6d0-3d3a-8c17-a655998215af"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server ND is vulnerable to a directory traversal vulnerability. This has been addressed.",
"id" : "fafdcaf0-1826-3229-9d81-38515ac340d1",
"name" : "6456955 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 6.4,
"description" : "IBM WebSphere Application Server Network Deployment could allow a remote authenticated attacker to traverse directories. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to read and delete arbitrary files on the system.",
"id" : "CVE-2021-20517"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH35098" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "90ca94f2-485a-3165-9b51-13bf6e2a3acb"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There are multiple vulnerabilities in Apache HttpComponents and HttpCommons libraries which affect WebSphere Application Server. This has been addressed.",
"id" : "635e7d2f-8bd6-30ae-9c10-24f45cb5a930",
"name" : "6453091 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 4.3,
"description" : "Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by an incomplete fix related to the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.",
"id" : "CVE-2012-6153"
}, {
"cvssBaseScore" : 5.0,
"description" : "Apache HttpComponents could allow a remote attacker to obtain sensitive information, caused by an unspecified error in HttpClient. An attacker could exploit this vulnerability to send the Proxy-Authorization header to the host and disclose the user's password.",
"id" : "CVE-2011-1498"
}, {
"cvssBaseScore" : 5.3,
"description" : "Apache Commons is vulnerable to a denial of service, caused by the failure to apply a configured connection during the initial handshake of an HTTPS connection by the HttpClient component. An attacker could exploit this vulnerability to accumulate multiple connections and exhaust all available resources.",
"id" : "CVE-2015-5262"
}, {
"cvssBaseScore" : 4.3,
"description" : "Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.",
"id" : "CVE-2014-3577"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6453091",
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34944", "PH34501" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "73ef7448-5ee3-381b-b981-f975f3b1ce9e"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "IBM WebSphere Application Server is vulnerable to an information disclosure vulnerability. This has been addressed.",
"id" : "f5c8bbde-1a85-3689-9d86-9b26d4d4c4b0",
"name" : "6603421 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 3.7,
"description" : "IBM WebSphere Application Server could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console data. This information could be used in further attacks against the system.",
"id" : "CVE-2022-22473"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.12",
"fixPack" : "9.0.5.13",
"iFixes" : [ "PH46342" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "be992f69-51a8-3e14-8a4d-bbdf51cc9eb7"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability. This has been addressed.",
"id" : "e122b907-7bf3-31ca-9ed3-ac35f592ded9",
"name" : "6445171 : server1@defected1.example.com",
"updated" : "2023-06-12T09:52:44Z",
"updatedBy" : "vulnerability-manager",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.2,
"description" : "IBM WebSphere Application Server is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.",
"id" : "CVE-2021-20453"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34067" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 0,
"securityBulletinId" : "bacad8ec-21f7-31c4-938c-5d281bc1202e"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache log4j library used by IBM WebSphere Application Server traditional in the Admin Console and UDDI Registry application. This has been addressed in IBM WebSphere Application Server by removing log4j from the Admin Console and UDDI Registry application.",
"id" : "8574b9fe-b61e-3a9b-9285-4d8568007956",
"name" : "6538148 : server1@defected1.example.com",
"updated" : "2023-06-12T10:28:25Z",
"updatedBy" : "server-registration-processor",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "Apache Log4j is vulnerable to a denial of service, caused by the failure to protect from uncontrolled recursion from self-referential lookups. A remote attacker with control over Thread Context Map (MDC) input data could craft malicious input data that contains a recursive lookup to cause a StackOverflowError that will terminate the process. Note: The vulnerability is also called LOG4J2-3230.",
"id" : "CVE-2021-45105"
}, {
"cvssBaseScore" : 6.6,
"description" : "Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI, an attacker could exploit this vulnerability to execute remote code.",
"id" : "CVE-2021-44832"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6538148",
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH42762" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 1738,
"securityBulletinId" : "f7d7516a-64f8-3cc1-8b59-4f767b2b7a6d"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache log4j library used by IBM WebSphere Application Server in the Admin Console and UDDI Registry application and used by the IBM WebSphere Application Server Liberty for z/OS in features zosConnect-1.0 and zosConnect-1.2. This has been addressed in IBM WebSphere Application Server by removing log4j from the Admin Console and UDDI Registry application. This has been addressed in IBM WebSphere Application Server Liberty for z/OS by removing log4j from the zosConnect-1.0 and zosConnect-1.2 features.",
"id" : "204166a3-16ad-3b80-bccb-f8d5e69d1d44",
"name" : "6526750 : server1@defected1.example.com",
"updated" : "2023-06-12T10:28:25Z",
"updatedBy" : "server-registration-processor",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 9.0,
"description" : "Apache Log4j is vulnerable to a denial of service, caused by an incomplete fix of CVE-2021-44228 in certain non-default configurations. A remote attacker with control over Thread Context Map (MDC) input data or a Thread Context Map pattern could exploit this vulnerability to craft malicious input data using a JNDI Lookup pattern and cause a denial of service.",
"id" : "CVE-2021-45046"
}, {
"cvssBaseScore" : 8.1,
"description" : "Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system.",
"id" : "CVE-2021-4104"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6526750",
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH42762" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 1738,
"securityBulletinId" : "7a9fe3c4-0557-342d-86dd-92bb80c27a47"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Dojo library used by IBM WebSphere Application Server traditional in the Admin Console and used by the IBM WebSphere Application Server Liberty with the adminCenter-1.0 feature enabled that allows arbitrary code to be executed in the browser. This has been addressed.",
"id" : "6433c4ec-30c1-3683-9b0d-9999ca94a214",
"name" : "6558594 : server1@defected1.example.com",
"updated" : "2023-06-12T10:28:26Z",
"updatedBy" : "server-registration-processor",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 9.8,
"description" : "Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the setObject function. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.",
"id" : "CVE-2021-23450"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6558594",
"endVersion" : "9.0.5.11",
"fixPack" : "9.0.5.12",
"iFixes" : [ "PH43148" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 1739,
"securityBulletinId" : "fa87efd3-6092-392e-b15c-bbab13d5e5b4"
}, {
"created" : "2023-06-12T09:52:43Z",
"createdBy" : "vulnerability-manager",
"description" : "Multiple vulnerabilities exist in the Apache Log4j (CVE-2022-23302, CVE-2022-23305, CVE-2022-23307) library used by IBM WebSphere Application Server in the Admin Console and UDDI Registry application. The same Apache library is also used by the IBM WebSphere Application Server Liberty for z/OS in features zosConnect-1.0 and zosConnect-1.2. All vulnerabilities have been addressed previously by removing all existing Apache Log4j versions.",
"id" : "70357d34-411d-3321-a60f-ede653897a55",
"name" : "6557248 : server1@defected1.example.com",
"updated" : "2023-06-12T10:28:26Z",
"updatedBy" : "server-registration-processor",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 8.8,
"description" : "Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system.",
"id" : "CVE-2022-23302"
}, {
"cvssBaseScore" : 6.5,
"description" : "Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database.",
"id" : "CVE-2022-23305"
}, {
"cvssBaseScore" : 9.8,
"description" : "Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.",
"id" : "CVE-2022-23307"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6557248",
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH42762" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 1739,
"securityBulletinId" : "23c15e59-1ef9-3eb5-a175-0845597cdbc1"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Dojo library used by WebSphere Application Server. This has been addressed.",
"id" : "6cbe3fea-f56c-3a85-bc79-44ad1e3f0bb2",
"name" : "6443101 : server1@defected1.example.com",
"updated" : "2023-06-12T10:28:26Z",
"updatedBy" : "server-registration-processor",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 7.5,
"description" : "Dojo dojo could allow a remote attacker to inject arbitrary code on the system, caused by a prototype pollution flaw. By injecting other values, an attacker could exploit this vulnerability to overwrite, or pollute, a JavaScript application object prototype of the base object.",
"id" : "CVE-2020-5258"
} ],
"remediations" : [ {
"endVersion" : "9.0.5.7",
"fixPack" : "9.0.5.8",
"iFixes" : [ "PH34122" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 1739,
"securityBulletinId" : "990c902a-63a4-358b-bee7-734d343d359b"
}, {
"created" : "2023-06-12T09:52:44Z",
"createdBy" : "vulnerability-manager",
"description" : "There is a vulnerability in the Apache Log4j open source library used by WebSphere Application Server. This affects the WebSphere Application Server Admin Console and the UDDI Registry Application. This vulnerability has been addressed.",
"id" : "026324a2-eaf2-380a-99dc-a94daa8f69e8",
"name" : "6525706 : server1@defected1.example.com",
"updated" : "2023-06-12T10:28:27Z",
"updatedBy" : "server-registration-processor",
"assetId" : "1a5d141a-3294-3ff3-9182-5ae1d4f3465d",
"cves" : [ {
"cvssBaseScore" : 10.0,
"description" : "Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against attacker controlled LDAP and other JNDI related endpoints by JNDI features. By sending a specially crafted code string, an attacker could exploit this vulnerability to load arbitrary Java code on the server and take complete control of the system. Note: The vulnerability is also called Log4Shell or LogJam.",
"id" : "CVE-2021-44228"
} ],
"remediations" : [ {
"additionalInstallationInstructions" : "https://www.ibm.com/support/pages/node/6525706",
"endVersion" : "9.0.5.10",
"fixPack" : "9.0.5.11",
"iFixes" : [ "PH42728" ],
"operator" : "OR",
"startVersion" : "9.0.0.0"
} ],
"resolved" : false,
"secondsExposed" : 1739,
"securityBulletinId" : "8d4d608f-2d56-3c67-a8c8-6b963e1ce4c6"
} ],
"version" : "9.0.5.7",
"adminUiUrl" : "http://10.21.12.91:9060/ibm/console",
"edition" : "ND",
"groups" : [ "test", "WebSphere Cells", "WebSphere Cells/DefaultCell01", "WebSphere Cells/DefaultCell01/WebSphere Nodes", "WebSphere Cells/DefaultCell01/WebSphere Nodes/DefaultNode01" ],
"installDirectory" : "/opt/WAS",
"jdkId" : "f0842917-7c96-389e-b99f-302df459f944",
"lastContact" : "2023-06-12T10:28:25Z",
"profileDirectory" : "/opt/WAS/profiles/AppSrv01",
"serverName" : "server1",
"serverType" : "application-server",
"cellName" : "DefaultCell01",
"nodeName" : "DefaultNode01"
}
}