PT-2016-4185 · IBM · IBM WebSphere eXtreme Scale

Blomster81 · Published 2016-07-02 · Updated 2017-09-03 · CVE-2016-0400

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

IBM WebSphere eXtreme Scale versions 7.1.0 through 7.1.0.2
IBM WebSphere eXtreme Scale versions 7.1.1 through 7.1.1.0
IBM WebSphere eXtreme Scale versions 8.5.0 through 8.5.0.2
IBM WebSphere eXtreme Scale versions 8.6.0 through 8.6.0.7

Description

A CRLF injection issue allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Recommendations

For IBM WebSphere eXtreme Scale versions 7.1.0 through 7.1.0.2, update to version 7.1.0.3 or later.
For IBM WebSphere eXtreme Scale versions 7.1.1 through 7.1.1.0, update to version 7.1.1.1 or later.
For IBM WebSphere eXtreme Scale versions 8.5.0 through 8.5.0.2, update to version 8.5.0.3 or later.
For IBM WebSphere eXtreme Scale versions 8.6.0 through 8.6.0.7, update to version 8.6.0.8 or later.

Related Identifiers

CVE-2016-0400

Affected Products

IBM WebSphere eXtreme Scale