vulnerability

IBM WebSphere Application Server: CVE-2018-1695: Potential spoofing attack in WebSphere Application Server (CVE-2018-1695)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Sep 6, 2018	Nov 13, 2018	Mar 27, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Sep 6, 2018

Added

Nov 13, 2018

Modified

Mar 27, 2026

Description

IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a remote attacker to conduct spoofing attacks. IBM X-Force ID: 145769.

Solutions

ibm-was-install-7-0-0-0-pi99402ibm-was-install-8-0-0-0-pi99402

References

CVE-2018-1695
https://attackerkb.com/topics/CVE-2018-1695
CWE-290
EUVD-EUVD-2018-12274
IBM-ibm10716523
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-12274
https://exchange.xforce.ibmcloud.com/vulnerabilities/145769
https://www-01.ibm.com/support/docview.wss?uid=ibm10716523

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report