Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Application Snoop Servlet in IBM WebSphere Application Server 7.0 before 7.0.0.23 does not properly restrict access, which allows remote attackers to obtain sensitive client and request information via a direct request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WebSphere Application Server信息泄漏漏洞
Vulnerability Description
IBM WebSphere Application Server (WAS)是由IBM遵照开放标准,例如Java EE, XML 还有Web Services,开发并发行的一种应用服务器。 IBM WebSphere Application Server中存在敏感信息泄漏漏洞,该漏洞源于在处理请求时Application Snoop Servlet中缺少访问控制。攻击者可利用该漏洞泄露请求和用户信息。以下版本中存在该漏洞:运行在IBM i系列和z/OS上的6.1版本、7.0版本和8.0版本。
CVSS Information
N/A
Vulnerability Type
N/A