Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Feature Pack for Communications Enabled Applications (CEA) before 1.0.0.1 for IBM WebSphere Application Server 7.0.0.7 uses predictable session values, which allows man-in-the-middle attackers to spoof a collaboration session by guessing the value.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WebSphere Application Server Communications Enabled Applications 加密问题漏洞
Vulnerability Description
IBM WebSphere Application Server (WAS)是由IBM遵照开放标准,例如Java EE, XML还有Web Services,开发并发行的一种应用服务器。IBM WebSphere Application Server 7.0.0.7的1.0.0.1版本之前的Communications Enabled Applications (CEA)的Feature Pack使用可预报的会谈值,处于中介的攻击者可以通过估值骗取协作会谈。
CVSS Information
N/A
Vulnerability Type
N/A