PT-2022-10853 · IBM · IBM WebSphere Application Server Liberty

Published: 2022-01-25 · Updated: 2022-01-28 · CVE-2021-39031

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

IBM WebSphere Application Server - Liberty versions 17.0.0.3 through 22.0.0.1

Description

The issue allows a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this to be granted permission to unauthorized resources.

Recommendations

For versions 17.0.0.3 through 22.0.0.1, consider restricting access to LDAP resources until a patch is available. As a temporary workaround, avoid using specially crafted requests that could exploit the LDAP injection vulnerability.

Fix

Special Elements Injection

Weakness Enumeration

Related Identifiers

CVE-2021-39031

Affected Products

IBM WebSphere Application Server Liberty