vulnerability

IBM WebSphere Application Server: CVE-2017-1194: Cross-site request forgery in WebSphere Application Server (CVE-2017-1194)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	2017-04-28	2018-04-27	2025-04-25

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

2017-04-28

Added

2018-04-27

Modified

2025-04-25

Description

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 123669.

Solution(s)

ibm-was-install-7-0-0-0-pi77770ibm-was-install-8-0-0-0-pi77770ibm-was-install-8-5-0-0-pi77770ibm-was-install-8-5-pi77770-libertyibm-was-install-9-0-0-0-pi77770ibm-was-upgrade-7-0-0-0-7-0-0-45ibm-was-upgrade-8-0-0-0-8-0-0-14ibm-was-upgrade-8-5-0-0-8-5-5-12ibm-was-upgrade-8-5-17-0-0-2-libertyibm-was-upgrade-9-0-0-0-9-0-0-4

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today