Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WebSphere eXtreme Scale HTTP响应拆分漏洞
Vulnerability Description
IBM WebSphere eXtreme Scale是美国IBM公司的一套分布式高速缓存解决方案。该方案提供高性能、可扩展的高速缓存框架和网格技术,可处理海量事务、降低数据库的性能限制等。 IBM WebSphere eXtreme Scale中存在HTTP响应拆分漏洞,该漏洞源于程序处理恶意请求时没有正确验证用户输入。远程攻击者可借助特制的URL利用该漏洞注入包含Unicode字符的HTTP头,实施HTTP响应拆分攻击。以下版本受到影响:IBM WebSphere eXtreme Scale 7.1.
CVSS Information
N/A
Vulnerability Type
N/A