CVE-2008-4111 — IBM Websphere Application Server vulnerability

3 documents3 sources

Severity

9.3CRITICALNVD

EPSS

1.0%

top 22.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Application Server

Timeline

PublishedSep 16

Latest updateMay 2

Description

Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when the FileServing feature is enabled, has unknown impact and attack vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/websphere_application_server21 versions+20

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-357w-9vjc-5qxw: Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) 6↗2022-05-02

▶

CVEList

CVE-2008-4111: Unspecified vulnerability in Servlet Engine/Web Container in IBM WebSphere Application Server (WAS) 6↗2008-09-16

▶