Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The JAX-RPC WS-Security runtime in the Web Services Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 and 7.0 before 7.0.0.3, when APAR PK41002 is installed, does not properly validate UsernameToken objects, which has unknown impact and attack vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WebSphere Application Server JAX-RPC WS-Security 输入验证漏洞
Vulnerability Description
IBM WebSphere Application Server是一个完善的、开放的Web应用服务器,它是IBM电子商务应用架构的核心。 当APAR PK41002被安装时,IBM WebSphere Application Server (WAS) 6.1.0.23之前的6.1版本和7.0.0.3之前的7.0版本的Web Services安全组件中的JAX-RPC WS-Security运行时间没有正确的验证用户名标识objects。它有未知影响和攻击向量。
CVSS Information
N/A
Vulnerability Type
N/A