← voltar
CVE-2014-0954

CVE-2014-0954

EPSS 1.3%
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 does not validate JSP includes, which allows remote attackers to obtain sensitive information, bypass intended request-dispatcher access restrictions, or cause a denial of service (memory consumption) via a crafted URL.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://exchange.xforce.ibmcloud.com/vulnerabilities/92627http://www-01.ibm.com/support/docview.wss?uid=swg1PI15723http://www-01.ibm.com/support/docview.wss?uid=swg21672572