IBM WebSphere Application Server 7.1 Lombardi Edition

CPE Details

IBM WebSphere Application Server 7.1 Lombardi Edition
ibm
websphere_application_server
7.1
2012-02-23
13h00 +00:00
2012-02-29
23h17 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:websphere_application_server:7.1:*:lombardi:*:*:*:*:*

Informations

Vendor

ibm

Product

websphere_application_server

Version

7.1

edition

lombardi

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2012-2162 2012-05-01 17h00 +00:00 The Web Server Plug-in in IBM WebSphere Application Server (WAS) 8.0 and earlier uses unencrypted HTTP communication after expiration of the plugin-key.kdb password, which allows remote attackers to obtain sensitive information by sniffing the network, or spoof arbitrary servers via a man-in-the-middle attack.
6.8
CVE-2010-2087 2010-05-27 18h32 +00:00 Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object.
4.3