Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security Access Manager for Web Multicast DNS 信息泄露漏洞
Vulnerability Description
IBM Security Access Manager(ISAM)for Web(前称IBM Tivoli Access Manager for e-business)是美国IBM公司的一套用于用户认证、授权和Web单点登录解决方案中的产品,它提供用户访问管理和Web应用保护功能。 ISAM for Web的Multicast DNS(mDNS)响应器中存在安全漏洞,该漏洞源于程序没有正确响应带有特制的源地址(不是本地链接)的单播查询。远程攻击者可借助port-5353 UDP数据包利用该漏洞造成拒绝服务
CVSS Information
N/A
Vulnerability Type
N/A