CVE-2016-9692

Name of the Vulnerable Software and Affected Versions IBM WebSphere Cast Iron Solution versions 7.0.0 through 7.5.0.0

Description The issue is caused by improper validation of user-supplied input, allowing a remote attacker to exploit it and induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domain names. By submitting suitable payloads, an attacker can cause the application server to attack other systems that it can interact with.

Recommendations For IBM WebSphere Cast Iron Solution versions 7.0.0 through 7.5.0.0, update to a version that properly validates user-supplied input to prevent External Service Interaction attacks.