← volver
CVE-2014-0954

CVE-2014-0954

EPSS 1.3%
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 does not validate JSP includes, which allows remote attackers to obtain sensitive information, bypass intended request-dispatcher access restrictions, or cause a denial of service (memory consumption) via a crafted URL.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://exchange.xforce.ibmcloud.com/vulnerabilities/92627http://www-01.ibm.com/support/docview.wss?uid=swg1PI15723http://www-01.ibm.com/support/docview.wss?uid=swg21672572