CVE-2019-4305

IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by the improper setting of a cookie. IBM X-Force ID: 160951.

Published : 2019-09-30 16:15 Updated : 2019-10-09 23:50

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Ibm Websphere Application Server - cpe:/a:ibm:websphere_application_server:-::~~liberty~~~
Ibm Websphere Application Server 8.5.5.5 cpe:/a:ibm:websphere_application_server:8.5.5.5::~~liberty~~~
Ibm Websphere Application Server 8.5.5.6 cpe:/a:ibm:websphere_application_server:8.5.5.6::~~liberty~~~
Ibm Websphere Application Server 8.5.5.7 cpe:/a:ibm:websphere_application_server:8.5.5.7::~~liberty~~~
Ibm Websphere Application Server 8.5.5.8 cpe:/a:ibm:websphere_application_server:8.5.5.8::~~liberty~~~
Ibm Websphere Application Server 8.5.5.9 cpe:/a:ibm:websphere_application_server:8.5.5.9::~~liberty~~~
Ibm Websphere Application Server 8.5.5.13 cpe:/a:ibm:websphere_application_server:8.5.5.13::~~liberty~~~
Ibm Websphere Application Server 16.0.0.2 cpe:/a:ibm:websphere_application_server:16.0.0.2::~~liberty~~~
Ibm Websphere Application Server 16.0.0.3 cpe:/a:ibm:websphere_application_server:16.0.0.3::~~liberty~~~
Ibm Websphere Application Server 16.0.0.4 cpe:/a:ibm:websphere_application_server:16.0.0.4::~~liberty~~~
Ibm Websphere Application Server 17.0.0.1 cpe:/a:ibm:websphere_application_server:17.0.0.1::~~liberty~~~
Ibm Websphere Application Server 17.0.0.2 cpe:/a:ibm:websphere_application_server:17.0.0.2::~~liberty~~~
Ibm Websphere Application Server 17.0.0.3 cpe:/a:ibm:websphere_application_server:17.0.0.3::~~liberty~~~
Ibm Websphere Application Server 17.0.0.4 cpe:/a:ibm:websphere_application_server:17.0.0.4::~~liberty~~~
Ibm Websphere Application Server 18.0.0.1 cpe:/a:ibm:websphere_application_server:18.0.0.1::~~liberty~~~
Ibm Websphere Application Server 18.0.0.2 cpe:/a:ibm:websphere_application_server:18.0.0.2::~~liberty~~~
Ibm Websphere Application Server 18.0.0.3 cpe:/a:ibm:websphere_application_server:18.0.0.3::~~liberty~~~
  1. Ibm (1) Search CVE
    1. Websphere Application Server (17) Search CVE
      1. -
      2. 8.5.5.5
      3. 8.5.5.6
      4. 8.5.5.7
      5. 8.5.5.8
      6. 8.5.5.9
      7. 8.5.5.13
      8. 16.0.0.2
      9. 16.0.0.3
      10. 16.0.0.4
      11. 17.0.0.1
      12. 17.0.0.2
      13. 17.0.0.3
      14. 17.0.0.4
      15. 18.0.0.1
      16. 18.0.0.2
      17. 18.0.0.3

CWE

ID Name Description Links
CWE-565 Reliance on Cookies without Validation and Integrity Checking The application relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user. CVE

History of changes

Date Event
2019-10-01 14:18
2019-09-30 16:15

New CVE